Title: Attack Modeling for Information Security and Survivability
Abstract: Many engineering disciplines rely on engineering failure data to improve their designs. Unfortunately, this is not the case with information system engineers, who generally do not use security failure data—particularly attack data—to improve the security and survivability of systems that they develop. Part of the reason for this is that, historically, businesses and governments have been reticent to disclose information about attacks on their systems for fear of losing public confidence or for fear that other attackers would exploit the same or similar vulnerabilities. Specific, detailed attack data has just not been available.
However, increased public interest and media coverage of the Internet's security have resulted in increased publication of attack data in books, Internet and CERT security advisories, for example. Engineers can now use this data in a structured way to improve information system security and survivability.
This technical note describes and illustrates an approach for documenting attack information in a structured and reusable form. We expect that security analysts can use this approach to document and identify commonly occurring attack patterns, and that information system designers and analysts can use these patterns to develop more survivable information systems.
Publication Year: 2001
Publication Date: 2001-03-01
Language: en
Type: article
Access and Citation
Cited By Count: 259
AI Researcher Chatbot
Get quick answers to your questions about the article from our AI researcher chatbot