• DocumentCode
    692166
  • Title

    Threat motivation

  • Author

    Pramanik, Sarah

  • Author_Institution
    Northrop Grumman Aerosp. Syst., Bethpage, NY, USA
  • fYear
    2013
  • fDate
    21-22 Oct. 2013
  • Firstpage
    1
  • Lastpage
    5
  • Abstract
    The traditional formula used by security practitioners RISK = THREAT x VULNERABILITY is meant to show that risk is the effect of a threat exploiting a vulnerability in the system. When building a security architecture the primary focus is on reducing vulnerabilities. Many times the threat information provided is vague so engineers are forced to assume that a threat can exploit any known vulnerability. In-depth knowledge of threats allows for better allocation of monies toward specific mitigations, as opposed to trying to fix every vulnerability in the system. This paper provides a novel approach to dealing with threat motivations, and offers a look at a system from a combined threat and vulnerability perspective instead of a vulnerability only viewpoint. The author defines an ontology of threat motivations and their relation to system attacks. Threats can come in multiple forms, with different resource levels which affect the ability to launch a successful attack. The threat is not a nebulous entity, but can be characterized by the elements that comprise its ability to affect a target system. On the system side, vulnerabilities must be understood and categorized. The software, hardware and everything in between must be organized as part of a comprehensive security architecture, so that threat elements can be mapped to known vulnerabilities within the system. The author describes how the mapping can be done manually and suggests future work that can be done to automate this. Understanding the attack motivation and elements of a threat allows engineers to optimize mitigation placement and identify pieces of the system requiring extra protection. In the current world economy, funding is scarce and so it is critical for security engineers to apply the most effective mitigations with an emphasis on affordability. This paper provides a new approach to defining the interplay between threats, the system, and security mitigations. 
This method is offered in order to reduce the attack surface and provide a security posture best suited to a system's potential threat environment.
  • Keywords
    ontologies (artificial intelligence); security of data; ontology; security architecture; security engineers; security mitigations; security practitioners; system attacks; system vulnerability; threat environment; threat motivations; Buildings; Companies; Computer architecture; Hardware; Ontologies; Security; Vehicles; affordability; security; threats;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Emerging Technologies for a Smarter World (CEWIT), 2013 10th International Conference and Expo on
  • Conference_Location
    Melville, NY
  • Type

    conf

  • DOI
    10.1109/CEWIT.2013.6851346
  • Filename
    6851346