TY - GEN
T1 - Considering internal vulnerabilities and the attacker's knowledge to model the impact of cyber events as geometrical prisms
AU - González-Granadillo, Gustavo
AU - Rubio-Hernán, José
AU - Garcia-Alfaro, Joaquin
AU - Debar, Hervé
N1 - Publisher Copyright:
© 2016 IEEE.
PY - 2016/1/1
Y1 - 2016/1/1
N2 - We propose a model to represent graphically the impact of cyber events (e.g., attacks, countermeasures) as a prismatic instance of n-sides. The approach considers information about all entities composing an information system (e.g., users, IP addresses, resources, etc.), as well as information about the attacker's knowledge, motivation and capabilities. The base of the prism is represented as an n-side polygon (e.g., triangle, square, pentagon, etc.), which depicts the internal information of the system, whereas the height of the prism is represented as a single axis which depicts the external information of the system. We propose geometrical operations to determine the impact of cyber security events (i.e., area, volume, event coverage, residual risk, and potential collateral damages). A case study is proposed at the end of the paper to show the applicability of the model in a scenario with multiple attacks.
AB - We propose a model to represent graphically the impact of cyber events (e.g., attacks, countermeasures) as a prismatic instance of n-sides. The approach considers information about all entities composing an information system (e.g., users, IP addresses, resources, etc.), as well as information about the attacker's knowledge, motivation and capabilities. The base of the prism is represented as an n-side polygon (e.g., triangle, square, pentagon, etc.), which depicts the internal information of the system, whereas the height of the prism is represented as a single axis which depicts the external information of the system. We propose geometrical operations to determine the impact of cyber security events (i.e., area, volume, event coverage, residual risk, and potential collateral damages). A case study is proposed at the end of the paper to show the applicability of the model in a scenario with multiple attacks.
UR - https://www.scopus.com/pages/publications/85015220818
U2 - 10.1109/TrustCom.2016.0082
DO - 10.1109/TrustCom.2016.0082
M3 - Conference contribution
AN - SCOPUS:85015220818
T3 - Proceedings - 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 10th IEEE International Conference on Big Data Science and Engineering and 14th IEEE International Symposium on Parallel and Distributed Processing with Applications, IEEE TrustCom/BigDataSE/ISPA 2016
SP - 340
EP - 348
BT - Proceedings - 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 10th IEEE International Conference on Big Data Science and Engineering and 14th IEEE International Symposium on Parallel and Distributed Processing with Applications, IEEE TrustCom/BigDataSE/ISPA 2016
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - Joint 15th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 10th IEEE International Conference on Big Data Science and Engineering and 14th IEEE International Symposium on Parallel and Distributed Processing with Applications, IEEE TrustCom/BigDataSE/ISPA 2016
Y2 - 23 August 2016 through 26 August 2016
ER -