网络欺骗的可视化建模

2018 IEEE Symposium on Visual Languages and Human-Centric Computing (VL/HCC) Pub Date : 2018-10-01 DOI:10.1109/VLHCC.2018.8506515

Cristiano De Faveri, A. Moreira

{"title":"网络欺骗的可视化建模","authors":"Cristiano De Faveri, A. Moreira","doi":"10.1109/VLHCC.2018.8506515","DOIUrl":null,"url":null,"abstract":"Deception-based defense relies on deliberated actions to manipulate the attackers' perception of a system. It requires careful planning and application of multiple techniques to be effective. Therefore, deceptive strategies should be studied in isolation from the traditional security mechanisms. To support this goal, we develop DML, a visual language for deception modeling, offering three complementary views of deception: requirements model, deception tactics feature model, and deception strategy organizational. DML integrates goal-oriented requirements models and threat models to compose a comprehensive model considering the influences of developing deceptive mechanisms and the associated risks. The feasibility of DML is demonstrated via a tool prototype and a set of illustrative scenarios for a web system.","PeriodicalId":444336,"journal":{"name":"2018 IEEE Symposium on Visual Languages and Human-Centric Computing (VL/HCC)","volume":"20 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Visual Modeling of Cyber Deception\",\"authors\":\"Cristiano De Faveri, A. Moreira\",\"doi\":\"10.1109/VLHCC.2018.8506515\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Deception-based defense relies on deliberated actions to manipulate the attackers' perception of a system. It requires careful planning and application of multiple techniques to be effective. Therefore, deceptive strategies should be studied in isolation from the traditional security mechanisms. To support this goal, we develop DML, a visual language for deception modeling, offering three complementary views of deception: requirements model, deception tactics feature model, and deception strategy organizational. DML integrates goal-oriented requirements models and threat models to compose a comprehensive model considering the influences of developing deceptive mechanisms and the associated risks. The feasibility of DML is demonstrated via a tool prototype and a set of illustrative scenarios for a web system.\",\"PeriodicalId\":444336,\"journal\":{\"name\":\"2018 IEEE Symposium on Visual Languages and Human-Centric Computing (VL/HCC)\",\"volume\":\"20 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 IEEE Symposium on Visual Languages and Human-Centric Computing (VL/HCC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/VLHCC.2018.8506515\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE Symposium on Visual Languages and Human-Centric Computing (VL/HCC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/VLHCC.2018.8506515","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

基于欺骗的防御依赖于故意的行动来操纵攻击者对系统的感知。它需要仔细规划和多种技术的应用才能有效。因此，欺骗策略的研究应脱离传统的安全机制。为了实现这一目标，我们开发了DML，一种用于欺骗建模的可视化语言，提供了三种互补的欺骗视图:需求模型、欺骗策略特征模型和欺骗策略组织。DML集成了面向目标的需求模型和威胁模型，构成了一个综合的模型，考虑了开发欺骗机制和相关风险的影响。通过一个工具原型和一组web系统的说明性场景来证明DML的可行性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Visual Modeling of Cyber Deception

Deception-based defense relies on deliberated actions to manipulate the attackers' perception of a system. It requires careful planning and application of multiple techniques to be effective. Therefore, deceptive strategies should be studied in isolation from the traditional security mechanisms. To support this goal, we develop DML, a visual language for deception modeling, offering three complementary views of deception: requirements model, deception tactics feature model, and deception strategy organizational. DML integrates goal-oriented requirements models and threat models to compose a comprehensive model considering the influences of developing deceptive mechanisms and the associated risks. The feasibility of DML is demonstrated via a tool prototype and a set of illustrative scenarios for a web system.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2018 IEEE Symposium on Visual Languages and Human-Centric Computing (VL/HCC)

自引率

0.00%

发文量