• DocumentCode
    245745
  • Title

    A Weakness-Based Attack Pattern Modeling and Relational Analysis Method

  • Author

    Lili Lu ; Song Huang ; Zhengping Ren

  • Author_Institution
    Coll. of Command Inf. Syst., PLA Univ. of Sci. & Technol., Nanjing, China
  • fYear
    2014
  • fDate
    19-21 Dec. 2014
  • Firstpage
    1024
  • Lastpage
    1028
  • Abstract
    With growing popularity of online services, the amount of information on web increases dramatically, which has resulted in increasingly concerns on web application security. Subject knowledge is in desperate need to guide security testing against advanced attacks. Unlike common software security weakness study pattern, a combination analysis method based on Colored Petri Net is presented in this paper. An Attack Pattern is modeled to describe a single weakness´s specific exploiting process. Then attack nets are constructed as a result of their relational analysis. The method is verified by a case study.
  • Keywords
    Internet; Petri nets; data analysis; pattern classification; security of data; Web application security; Web information; colored Petri net; combination analysis method; relational analysis method; security testing; software security weakness study pattern; weakness-based attack pattern modeling; Analytical models; Educational institutions; Finite element analysis; Image color analysis; Security; Software; Testing; Attack Pattern; Colored Petri Net; attack injection; attack net; software security testing;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computational Science and Engineering (CSE), 2014 IEEE 17th International Conference on
  • Conference_Location
    Chengdu
  • Print_ISBN
    978-1-4799-7980-6
  • Type

    conf

  • DOI
    10.1109/CSE.2014.203
  • Filename
    7023713
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=245745