A visualisation technique for the identification of security threats in networked systems

Abstract

This paper is primarily focused on the increased IT complexity problem and the identification of security threats in networked systems. Modern networking systems, applications and services are found to be more complex in terms of integration and distribution, therefore, harder to be managed and protected. CIOs have to put their effort on threat's identification, risk management and security evaluation processes. Objective decision making requires measuring, identifying and evaluating all enterprise events, either positive (opportunities) or negative (risks) and keeping them in perspective with the business objectives. Our approach is based on a visualisation technique that helps in decision making process, focusing on the threat identification using attack scenarios. For constructing attack scenarios we use the notion of attack graphs, as well as layered security approach. The proposed onion skin model combines attack graphs and security layers to illustrate possible threats and shortest paths to the attacker's goal. By providing few examples we justify the advantage of the threat identification technique in decision making process.