Cyber attacks are the core of any security assessment of ICT-based systems. One of the more promising research fields in this context is related to the representation of the attack patterns. Several are the models proposed to represent them; these models usually provide a generic representation of attacks. Conversely, the experience shows that attack profiles are strongly dependent upon several boundary conditions. This paper defends that from the security assessment perspective, it is necessary to integrate the knowledge contained in the attack patterns with boundary knowledge related to vulnerability of the target system and to the potential threats. In this paper, after a characterization of this boundary knowledge, we propose an n-dimensional view of the attack tree approach, integrating information on threats and vulnerabilities. Moreover, we show how to use this view to derive knowledge about the security exposure of a target system. © Springer-Verlag Berlin Heidelberg 2006.
CITATION STYLE
Nai Fovino, I., & Masera, M. (2006). Through the description of attacks: A multidimensional view. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4166 LNCS, pp. 15–28). Springer Verlag. https://doi.org/10.1007/11875567_2
Mendeley helps you to discover research relevant for your work.