Abstract
There has been significant progress in defining and developing viable approaches to threat modeling and risk assessment techniques for a wide range of IT applications and computing environments. However, we observe that the focus of most studies continues to be on asset or vulnerability analysis, leaving the analysis of threat agents out of scope. The motivations of the attackers are predominantly economic, and the mitigation techniques and planning approaches depend heavily on the intent of the attackers and the resources available to them. Although threat agent taxonomies may be simple, they are necessary for the development of both theoretical studies of vulnerabilities and practical analyses of the measures necessary for remediation and mitigation. In this paper, we take a more careful look at the typology of threat agents, which can provide considerable insight into the likelihood, seriousness, and specific nature of security attacks. We also evaluate the context in which these taxonomies operate. Finally, we describe Intel’s Threat Agent Library (TAL) and its applicability to various situations in dynamic threat analysis.
Copyright information
© 2011 Vieweg+Teubner Verlag | Springer Fachmedien Wiesbaden GmbH
About this chapter
Cite this chapter
Casey, T., Koeberl, P., Vishik, C. (2011). Defining Threat Agents: Towards a More Complete Threat Analysis. In: Pohlmann, N., Reimer, H., Schneider, W. (eds) ISSE 2010 Securing Electronic Business Processes. Vieweg+Teubner. https://doi.org/10.1007/978-3-8348-9788-6_21
DOI: https://doi.org/10.1007/978-3-8348-9788-6_21
Publisher Name: Vieweg+Teubner
Print ISBN: 978-3-8348-1438-8
Online ISBN: 978-3-8348-9788-6
eBook Packages: Engineering (R0)