Kotenko et al., 2015 - Google Patents
The CAPEC based generator of attack scenarios for network security evaluationKotenko et al., 2015
- Document ID
- 12106208442339232243
- Author
- Kotenko I
- Doynikova E
- Publication year
- Publication venue
- 2015 IEEE 8th International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS)
External Links
Snippet
The paper proposes a technique and a software tool for generation of attack scenarios- random sequences of attack patterns and appropriate sequences of security events. The technique suggested is based on the application of open standards for representation of …
- 238000011156 evaluation 0 title description 3
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Kotenko et al. | The CAPEC based generator of attack scenarios for network security evaluation | |
| Xiong et al. | Cyber security threat modeling based on the MITRE Enterprise ATT&CK Matrix | |
| Kotenko et al. | A cyber attack modeling and impact assessment framework | |
| Sommestad et al. | The cyber security modeling language: A tool for assessing the vulnerability of enterprise system architectures | |
| Kotenko et al. | Attack graph based evaluation of network security | |
| Kotenko et al. | Security analysis of information systems taking into account social engineering attacks | |
| Dalton et al. | Analyzing attack trees using generalized stochastic petri nets | |
| Doynikova et al. | CVSS-based probabilistic risk assessment for cyber situational awareness and countermeasure selection | |
| Li et al. | Security attack analysis using attack patterns | |
| Kotenko et al. | Attack Modelling and Security Evaluation for Security Information and Event Management. | |
| Mirjalili et al. | A survey on web penetration test | |
| Frydman et al. | Automating risk analysis of software design models | |
| CN104881606B (en) | Software security requirement acquisition method based on Formal Modeling | |
| David et al. | Modelling social-technical attacks with timed automata | |
| Kotenko et al. | NETWORK SECURITY EVALUATION BASED ON SIMULATION OF MALFACTOR’S BEHAVIOR | |
| US11777979B2 (en) | System and method to perform automated red teaming in an organizational network | |
| Wolf et al. | The PASTA threat model implementation in the IoT development life cycle | |
| Alhassan et al. | A fuzzy classifier-based penetration testing for web applications | |
| Li et al. | An approach to model network exploitations using exploitation graphs | |
| Mauri et al. | Stride-ai: An approach to identifying vulnerabilities of machine learning assets | |
| Song et al. | Generating fake cyber threat intelligence using the gpt-neo model | |
| Kumar et al. | A quantitative security risk analysis framework for modelling and analyzing advanced persistent threats | |
| Rouached et al. | An efficient formal framework for intrusion detection systems | |
| Sheikh et al. | A Hybrid Threat Assessment Model for Security of Cyber Physical Systems | |
| Mohanty et al. | Security Testing of Web Applications UsingThreat Modeling: A Systematic Review |