Abstract
With the development of the Internet, offensive and defensive techniques become increasingly important. How to macroscopically grasp and understand offensive and defensive situation is necessary. In this paper, we use the international popular Zachman Framework (ZF), combined with management ideas, to build the Network Attack and Defensive Framework (NADF). The framework provides a structured way for any attack and defense to acquire the necessary knowledge. When attacks and defenses are brought into the management structure, we will more easily find system weakness. Especially for defense system, we can further improve the defense capability. Moreover, the framework is useful for security measurement in enterprises or organizations.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Zhu, Y.L.: The current situation of network security and defense technology. Inf. Secur. 4, 27–28 (2013)
Talk About DoS Attack and DDoS Attack. http://netsecurity.51cto.com/art/200511/11982.htm
Lin, C., Wang, Y., Li, Q.L.: Stochastic modeling and evaluation for network security. Chin. J. Comput. 9, 1943–1956 (2005)
Wang, Y.Z., Lin, C., Chen, X.Q., Fang, B.X.: Analysis for network attack-defense based on stochastic game model. Chin. J. Comput. 9, 1748–1762 (2010)
McDermott J.: Attack potential-based survivability modeling for high-consequence systems. In: Proceedings of the 3rd IEEE International Workshop on Information Assurance, Washington D.C., pp. 119–130 (2005)
Lye, K., Wing, J.M.: Game strategies in network security. In: Proceedings of the 15th IEEE Computer Security Foundations Workshop, vol. 4(1–2), pp. 71–86. Copen hagen (2002)
Evangelopoulou, M., Johnson, C.W.: Empirical framework for situation awareness measurement techniques in network defense. In: International Conference on Cyber Situational Awareness, Data Analytics and Assessment, pp. 1–4. IEEE (2015)
Lapalme, J., Gerber, A., Merwe, A.V.D., et al.: Exploring the future of enterprise architecture. Comput. Ind. 79(C), 103–113 (2016)
Xu, Z.Y., Zhang, W.K., Yin, Y.H.: APT attacks and its defense. Commun. Technol. 48(6), 740–745 (2015)
Zachman, J.A.: A framework for information systems architecture. IBM Syst. J. 26(3), 235–254 (1987)
Aposolia, P., Hakima, C.: RFID-assisted indoor localization and the impact of interference on its performance. J. Netw. Comput. Appl. 34, 902–913 (2011)
Nikolaidou, M., Enterprise, A.N., Engineering, I.S.: A model-based approach based on the Zachman framework. In: Proceedings of the 41st Hawaii International Conference on System Sciences, p. 399. IEEE Computer Society (2008)
Pereira, C.M., Sousa, P.: A method to define an enterprise architecture using the Zachman framework. In: ACM Symposium on Applied Computing, pp. 1366–1371. ACM (2004)
Zhang, X.Y.: Risks existing in applying ERP system and protective countermeasures. Forest Eng. 11, 140–142 (2006)
Fatolahi, A., Shams, F.: An investigation into applying UML to the Zachman framework. Inf. Syst. Front. 8(2), 133–143 (2006)
Liu, Y.: Application Research on IT Risk Management with Zachman Framework (2007)
Blackwell, C.: A forensic framework for incident analysis applied to the insider threat. In: Gladyshev, P., Rogers, M.K. (eds.) ICDF2C 2011. LNICSSITE, vol. 88, pp. 268–281. Springer, Heidelberg (2012). doi:10.1007/978-3-642-35515-8_22
Wu, C.L., Lin, J.J.: System security architecture of complex information system based on Zachman framework. Comput. Appl. Softw. 9, 92–96 (2015)
Lin, X.H.: The application of the JIT production system to construct with the Zachman framework, p. 5 (2005)
Zhang, C., Shi, X., Chen, D.: Safety analysis and optimization for networked avionics system. In: Digital Avionics Systems Conference, pp. 4C1-1–4C1-12. IEEE (2014)
Maconachy, W.V., Schou, C.D., Ragsdale, D., et al.: A model for information assurance: an integrated approach. In: Proceedings of the IEEE Workshop on Information Assurance and Security IEEE Cs (2001)
Zhao, W.: Research on Information Assurance Metrics and Comprehensive Evaluation (2006)
Lyu, H., Zhou, Z., Zhang, Z.: Measuring knowledge management performance in organizations: an integrative framework of balanced scorecard and fuzzy evaluation. Information 7(2), 29 (2016)
Acknowledgements
This work is supported by The National Natural Science Foundation of China (No. 61572460, No.61272481), The National Key R&D Program of China (No. 2016YFB0800700), The Open Project Program of the State Key Laboratory of Information Security (No. 2017-ZD-01), The National Information Security Special Projects of National Development, the Reform Commission of China [No. (2012)1424], China 111 Project (No. B16037).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Wu, C., Zhang, Y., Dong, Y. (2017). Application Research on Network Attacks and Defenses with Zachman Framework. In: Yan, Z., Molva, R., Mazurczyk, W., Kantola, R. (eds) Network and System Security. NSS 2017. Lecture Notes in Computer Science(), vol 10394. Springer, Cham. https://doi.org/10.1007/978-3-319-64701-2_32
Download citation
DOI: https://doi.org/10.1007/978-3-319-64701-2_32
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-64700-5
Online ISBN: 978-3-319-64701-2
eBook Packages: Computer ScienceComputer Science (R0)