Related papers: Modeling Network Security: Case Study of Email Sys…
Solving cybersecurity issues requires a holistic understanding of components, factors, structures and their interactions in cyberspace, but conventional modeling approaches view the field of cybersecurity by their boundaries so that we are…
Abstraction applied in computer networking hides network details behind a well-defined representation by building a model that captures an essential aspect of the network system. Two current methods of representation are available, one…
Modeling and analyzing security of networked systems is an important problem in the emerging Science of Security and has been under active investigation. In this paper, we propose a new approach towards tackling the problem. Our approach is…
Due to the complex nature of mobile communication systems, most of the security efforts in its domain are isolated and scattered across underlying technologies. This has resulted in an obscure view of the overall security. In this work, we…
The Internet s ability to support a wide range of services depends on the network architecture and theoretical and practical innovations necessary for future networks. Network architecture in this context refers to the structure of a…
Evaluating the security of cyber-physical systems throughout their life cycle is necessary to assure that they can be deployed and operated in safety-critical applications, such as infrastructure, military, and transportation. Most safety…
Documenting networks is an essential tool for troubleshooting network problems. The documentation details a network's structure and context, serves as a reference and makes network management more effective. Complex network diagrams are…
Security attacks are hard to understand, often expressed with unfriendly and limited details, making it difficult for security experts and for security analysts to create intelligible security specifications. For instance, to explain Why…
Work is aimed at automating the process of obtaining a list of security threats aimed at the information system in the work processes of data transfer are considered, definitions for each process are presented. The typification of processes…
Todays industrial control systems consist of tightly coupled components allowing adversaries to exploit security attack surfaces from the information technology side, and, thus, also get access to automation devices residing at the…
Models are fundamentally crucial to many scientific fields, including software engineering, systems engineering, enterprise modeling, and business modeling. This paper focuses on diagrammatic conceptual modeling, as opposed to mathematical…
A model is a simplified representation of portion of reality that hides a system s nonessential characteristics. It provides a means for reducing complexity as well as visualization and communication and a basis for building it. Most models…
In this work we present a prototype for simulating computer network attacks. Our objective is to simulate large networks (thousands of hosts, with applications and vulnerabilities) while remaining realistic from the attacker's point of…
The ability to analyze network threats is very important in security research. Traditional approaches, involving sandboxing technology are limited to simulating a single host, missing local network attacks. This issue is addressed by…
Computer networks are undergoing a phenomenal growth, driven by the rapidly increasing number of nodes constituting the networks. At the same time, the number of security threats on Internet and intranet networks is constantly growing, and…
Systems modeling practice lacks security analysis tools that can interface with modeling languages to facilitate security by design. Security by design is a necessity in the age of safety critical cyber-physical systems, where security…
Modeling in software engineering includes constructing static, dynamic, and behavioral representations. In describing system behavior, actions and states are two of the most commonly used concepts. In this paper, we focus on the notion of…
Conceptual modeling is an essential tool in many fields of study, including security specification in information technology systems. As a model, it restricts access to resources and identifies possible threats to the system. We claim that…
In this work we start walking the path to a new perspective for viewing cyberwarfare scenarios, by introducing conceptual tools (a formal model) to evaluate the costs of an attack, to describe the theater of operations, targets, missions,…
Nowadays, companies are highly exposed to cyber security threats. In many industrial domains, protective measures are being deployed and actively supported by standards. However the global process remains largely dependent on document…