Abstract
Various techniques have been proposed to model attacks on systems. In order to understand such attacks and thereby propose efficient mitigations, the sequence of steps in the attack should be analysed thoroughly. However, there is a lack of techniques to represent intrusion scenarios across a system architecture. This paper proposes a new technique called misuse sequence diagrams (MUSD). MUSD represents the sequence of attacker interactions with system components and how those components were misused over time by exploiting their vulnerabilities. The paper investigates MUSD in a controlled experiment with 42 students, comparing it with a similar technique called misuse case maps (MUCM). The results suggest that the two techniques mostly perform equally well and are complementary regarding architectural issues and temporal sequences of actions, though MUSD was perceived more favourably.
© 2010 IFIP International Federation for Information Processing
Cite this paper
Katta, V., Karpati, P., Opdahl, A.L., Raspotnig, C., Sindre, G. (2010). Comparing Two Techniques for Intrusion Visualization. In: van Bommel, P., Hoppenbrouwers, S., Overbeek, S., Proper, E., Barjis, J. (eds) The Practice of Enterprise Modeling. PoEM 2010. Lecture Notes in Business Information Processing, vol 68. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16782-9_1
DOI: https://doi.org/10.1007/978-3-642-16782-9_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-16781-2
Online ISBN: 978-3-642-16782-9