Title :
Towards a Specification Prototype for Hierarchy-Driven Attack Patterns
Author :
Pauli, Joshua J. ; Engebretson, Patrick H.
Author_Institution :
Dakota State Univ., Madison
Abstract :
We propose the characteristics of a software tool that leverages specifying attack pattern details in understandable hierarchies. These hierarchies are currently manually populated from the vast CAPEC dictionary which consume an excessive amount of human resources and are wrought with the possibility of user error. Such a software tool will not only automate the population of these attack pattern hierarchies, but also provide system prerequisite information and suggested mitigation strategies for the system under design. The combination of system prerequisites, possible attack patterns, and necessary mitigation strategies gives system designers and developers a checklist-like artifact to consider as development moves from the design phase to the implementation phase.
Keywords :
security of data; software tools; CAPEC dictionary; attack pattern specification; checklist-like artifact; hierarchy-driven attack patterns; human resources; software tool; specification prototype; system prerequisite information; Data mining; Data security; Dictionaries; Educational institutions; Information security; Information systems; Information technology; Prototypes; Software prototyping; Software tools; Attack Patterns; Attack Trees; Hierarchy; Refinement;
Conference_Titel :
Information Technology: New Generations, 2008. ITNG 2008. Fifth International Conference on
Conference_Location :
Las Vegas, NV
Print_ISBN :
0-7695-3099-0
DOI :
10.1109/ITNG.2008.23
