Understanding How Components of Organisations Contribute to Attacks

Min Gu, Zaruhi Aslanyan, Christian W. Probst

Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review

254 Downloads (Pure)

Abstract

Attacks on organisations today explore many different layers, including buildings infrastructure, IT infrastructure, and human factor – the physical, virtual, and social layer. Identifying possible attacks, understanding their impact, and attributing their origin and contributing factors is difficult. Recently, system models have been used for automatically identifying possible attacks on the modelled organisation. The generated attacks consider all three layers, making the contribution of building infrastructure, computer infrastructure, and humans (insiders and outsiders) explicit. However, this contribution is only visible in the attack trees as part of the performed steps; it cannot be mapped back to the model directly since the actions usually involve several elements (attacker and targeted actor or asset). Especially for large attack trees, understanding the relations between several model components quickly results in a large quantity of interrelations, which are hard to grasp. In this work we present several approaches for visualising attributes of attacks such as likelihood of success, impact, and required time or skill level. The resulting visualisations provide a link between attacks on an organisations and the contribution of parts of an organisation to the attack and its impact.
Original languageEnglish
Title of host publicationProceedings of the 21st Nordic Conference on Secure IT Systems (NordSec 2016)
PublisherSpringer
Publication date2016
Pages54-66
ISBN (Print)978-3-319-47559-2
ISBN (Electronic)978-3-319-47560-8
DOIs
Publication statusPublished - 2016
Event21st Nordic Conference on Secure IT Systems (NordSec 2016) - Oulu, Finland
Duration: 2 Nov 20164 Nov 2016
Conference number: 21
http://nordsec.oulu.fi/

Conference

Conference21st Nordic Conference on Secure IT Systems (NordSec 2016)
Number21
CountryFinland
CityOulu
Period02/11/201604/11/2016
Internet address
SeriesLecture Notes in Computer Science
Volume10014
ISSN0302-9743

Fingerprint

Dive into the research topics of 'Understanding How Components of Organisations Contribute to Attacks'. Together they form a unique fingerprint.

Cite this