{"title":"一种网络系统安全威胁识别的可视化技术","authors":"C. Maple, V. Viduto","doi":"10.1109/IV.2010.81","DOIUrl":null,"url":null,"abstract":"This paper is primarily focused on the increased IT complexity problem and the identification of security threats in networked systems. Modern networking systems, applications and services are found to be more complex in terms of integration and distribution, therefore, harder to be managed and protected. CIOs have to put their effort on threat's identification, risk management and security evaluation processes. Objective decision making requires measuring, identifying and evaluating all enterprise events, either positive (opportunities) or negative (risks) and keeping them in perspective with the business objectives. Our approach is based on a visualisation technique that helps in decision making process, focusing on the threat identification using attack scenarios. For constructing attack scenarios we use the notion of attack graphs, as well as layered security approach. The proposed onion skin model combines attack graphs and security layers to illustrate possible threats and shortest paths to the attacker's goal. By providing few examples we justify the advantage of the threat identification technique in decision making process.","PeriodicalId":328464,"journal":{"name":"2010 14th International Conference Information Visualisation","volume":"49 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"A Visualisation Technique for the Identification of Security Threats in Networked Systems\",\"authors\":\"C. Maple, V. Viduto\",\"doi\":\"10.1109/IV.2010.81\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper is primarily focused on the increased IT complexity problem and the identification of security threats in networked systems. Modern networking systems, applications and services are found to be more complex in terms of integration and distribution, therefore, harder to be managed and protected. CIOs have to put their effort on threat's identification, risk management and security evaluation processes. Objective decision making requires measuring, identifying and evaluating all enterprise events, either positive (opportunities) or negative (risks) and keeping them in perspective with the business objectives. Our approach is based on a visualisation technique that helps in decision making process, focusing on the threat identification using attack scenarios. For constructing attack scenarios we use the notion of attack graphs, as well as layered security approach. The proposed onion skin model combines attack graphs and security layers to illustrate possible threats and shortest paths to the attacker's goal. By providing few examples we justify the advantage of the threat identification technique in decision making process.\",\"PeriodicalId\":328464,\"journal\":{\"name\":\"2010 14th International Conference Information Visualisation\",\"volume\":\"49 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-07-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2010 14th International Conference Information Visualisation\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IV.2010.81\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 14th International Conference Information Visualisation","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IV.2010.81","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Visualisation Technique for the Identification of Security Threats in Networked Systems
This paper is primarily focused on the increased IT complexity problem and the identification of security threats in networked systems. Modern networking systems, applications and services are found to be more complex in terms of integration and distribution, therefore, harder to be managed and protected. CIOs have to put their effort on threat's identification, risk management and security evaluation processes. Objective decision making requires measuring, identifying and evaluating all enterprise events, either positive (opportunities) or negative (risks) and keeping them in perspective with the business objectives. Our approach is based on a visualisation technique that helps in decision making process, focusing on the threat identification using attack scenarios. For constructing attack scenarios we use the notion of attack graphs, as well as layered security approach. The proposed onion skin model combines attack graphs and security layers to illustrate possible threats and shortest paths to the attacker's goal. By providing few examples we justify the advantage of the threat identification technique in decision making process.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
