Various techniques have been proposed to model attacks on systems. In order to understand such attacks and thereby propose efficient mitigations, the sequence of steps in the attack should be analysed thoroughly. However, there is a lack of techniques to represent intrusion scenarios across a system architecture. This paper proposes a new technique called misuse sequence diagrams (MUSD). MUSD represents the sequence of attacker interactions with system components and how they were misused over time by exploiting their vulnerabilities. The paper investigates MUSD in a controlled experiment with 42 students, comparing it with a similar technique called misuse case maps (MUCM). The results suggest that the two mostly perform equally well and they are complementary regarding architectural issues and temporal sequences of actions though MUSD was perceived more favourably.

-- DanielAmyot - 20 Jun 2011


FormForVirtualLibrary edit

Title Comparing Two Techniques for Intrusion Visualization
Authors V. Katta, P. Kárpáti, A.L. Opdahl, C. Raspotnig, G. Sindre
Type Conference
Conference/Journal Title The Practice of Enterprise Modeling (PoEM 2010)
Volume/Number LNBIP 68
Editors P. van Bommel, S. Hoppenbrouwers, S. Overbeek, E. Proper. and J. Barjis
Publisher Springer
Month November
Year 2010
Pages 1-15
DOI 10.1007/978-3-642-16782-9_1
Keywords Requirements engineering, Security, Experiment, Threat modeling, Misuse Case Maps, Misuse Sequence Diagrams
Topic revision: r1 - 20 Jun 2011, DanielAmyot
This site is powered by FoswikiCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding Foswiki? Send feedback