Introducing GAMfIS: A Generic Attacker Model for Information Security

被引:0
|
作者
Fraunholz, Daniel [1 ]
Duque Anton, Simon [1 ]
Schotten, Hans Dieter [1 ]
机构
[1] German Res Ctr Artificial Intelligence, Intelligent Networks Res Grp, D-67663 Kaiserslautern, Germany
来源
2017 25TH INTERNATIONAL CONFERENCE ON SOFTWARE, TELECOMMUNICATIONS AND COMPUTER NETWORKS (SOFTCOM) | 2017年
关键词
D O I
暂无
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Since the employment of digital technologies in more and more domains, such as finance, industry, government, health and many more, the amount of data stored digitally has vastly increased. This offers new opportunities to malicious adversaries who, for financial, ethical or political reasons, want to access or modify this data. In order to enable owners of IT-systems to assess threats and risks, we propose an attacker model named GAMfIS that groups types of attackers by their motivations, skills and resources. We compared GAMfIS to existing models, allowing for a comprehensive evaluation. In addition to that, we applied our model to a simplified risk assessment of a current use case to demonstrate the capabilities of GAMfIS. We conclude our work by highlighting the perks of GAMfIS.
引用
收藏
页码:393 / 398
页数:6
相关论文
共 50 条
  • [1] Adaptable Authentication Model: Exploring Security with Weaker Attacker Models
    Ahmed, Naveed
    Jensen, Christian D.
    [J]. ENGINEERING SECURE SOFTWARE AND SYSTEMS, 2011, 6542 : 234 - 247
  • [2] A quantitative model of the security intrusion process based on attacker behavior
    Jonsson, E
    Olovsson, T
    [J]. IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 1997, 23 (04) : 235 - 245
  • [3] A Generic Framework for Information Security Policy Development
    Ismail, Wan Basri Wan
    Widyarto, Setyawan
    Ahmad, Raja Ahmad Tariqi Raja
    Abd Ghani, Khatipah
    [J]. 2017 4TH INTERNATIONAL CONFERENCE ON ELECTRICAL ENGINEERING, COMPUTER SCIENCE AND INFORMATICS (EECSI), 2017, : 320 - 325
  • [4] Grid Cyber-Security Strategy in an Attacker-Defender Model
    Chen, Yu-Cheng
    Mooney, Vincent
    Grijalva, Santiago
    [J]. 2020 CLEMSON UNIVERSITY POWER SYSTEMS CONFERENCE (PSC), 2020,
  • [5] Introducing security aspects with model transformation
    Fox, J
    Jürjens, J
    [J]. 12TH IEEE INTERNATIONAL CONFERENCE AND WORKSHOPS ON THE ENGINEERING OF COMPUTER-BASED SYSTEMS, PROCEEDINGS, 2005, : 543 - 549
  • [6] Introducing a new framework for using generic Information Delivery Manuals
    Mondrup, T. F.
    Treldal, N.
    Karlshoj, J.
    Vestergaard, F.
    [J]. EWORK AND EBUSINESS IN ARCHITECTURE, ENGINEERING AND CONSTRUCTION 2014, 2015, : 295 - 301
  • [7] Grid Cyber-Security Strategy in an Attacker-Defender Model
    Chen, Yu-Cheng
    Mooney, Vincent John, III
    Grijalva, Santiago
    [J]. CRYPTOGRAPHY, 2021, 5 (02)
  • [8] A note on security proofs in the generic model
    Fischlin, M
    [J]. ADVANCES IN CRYPTOLOGY ASIACRYPT 2000, PROCEEDINGS, 2000, 1976 : 458 - 469
  • [9] A generic model for analyzing security protocols
    Gu, YG
    Fu, YX
    Zhong, FR
    Zhu, H
    [J]. COMPUTER NETWORK SECURITY, PROCEEDINGS, 2005, 3685 : 119 - 128
  • [10] A Generic Model for Delegation in Security Policies
    Abbassi, Ryma
    El Fatmi, Sihem Guemara
    [J]. 2009 FIRST INTERNATIONAL CONFERENCE ON COMMUNICATIONS AND NETWORKING (COMNET 2009), 2009, : 125 - 132
12345