Show simple item record

dc.contributor.authorMaple, Carstenen_GB
dc.contributor.authorViduto, Valentinaen_GB
dc.date.accessioned2013-02-28T13:50:54Z
dc.date.available2013-02-28T13:50:54Z
dc.date.issued2010
dc.identifier.citationViduto, V., Maple, C. (2010) “A visualisation technique for the identification of security threats in networked systems”, In 14th International Conference on Information Visualisation, IV 2010, 26-29 July, London, UK, IEEE Computer Society, 2010,pp. 551-556.en_GB
dc.identifier.isbn9780769541655
dc.identifier.doi10.1109/IV.2010.81
dc.identifier.urihttp://hdl.handle.net/10547/270638
dc.description.abstractThis paper is primarily focused on the increased IT complexity problem and the identification of security threats in networked systems. Modern networking systems, applications and services are found to be more complex in terms of integration and distribution, therefore, harder to be managed and protected. CIOs have to put their effort on threat's identification, risk management and security evaluation processes. Objective decision making requires measuring, identifying and evaluating all enterprise events, either positive (opportunities) or negative (risks) and keeping them in perspective with the business objectives. Our approach is based on a visualisation technique that helps in decision making process, focusing on the threat identification using attack scenarios. For constructing attack scenarios we use the notion of attack graphs, as well as layered security approach. The proposed onion skin model combines attack graphs and security layers to illustrate possible threats and shortest paths to the attacker's goal. By providing few examples we justify the advantage of the threat identification technique in decision making process.
dc.language.isoenen
dc.publisherIEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INCen_GB
dc.relation.urlhttp://ieeexplore.ieee.org/lpdocs/epic03/wrapper.htm?arnumber=5571147en_GB
dc.titleA visualisation technique for the identification of security threats in networked systemsen
dc.typeConference papers, meetings and proceedingsen
html.description.abstractThis paper is primarily focused on the increased IT complexity problem and the identification of security threats in networked systems. Modern networking systems, applications and services are found to be more complex in terms of integration and distribution, therefore, harder to be managed and protected. CIOs have to put their effort on threat's identification, risk management and security evaluation processes. Objective decision making requires measuring, identifying and evaluating all enterprise events, either positive (opportunities) or negative (risks) and keeping them in perspective with the business objectives. Our approach is based on a visualisation technique that helps in decision making process, focusing on the threat identification using attack scenarios. For constructing attack scenarios we use the notion of attack graphs, as well as layered security approach. The proposed onion skin model combines attack graphs and security layers to illustrate possible threats and shortest paths to the attacker's goal. By providing few examples we justify the advantage of the threat identification technique in decision making process.


This item appears in the following Collection(s)

Show simple item record