Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
HICSS
2007
IEEE
2007
IEEE
Value Driven Security Threat Modeling Based on Attack Path Analysis
This paper presents a quantitative threat modeling method, the Threat Modeling method based on Attack Path Analysis (T-MAP), which quantifies security threats by calculating the total severity weights of relevant Attack Paths for Commercial Off The Shelf (COTS) systems. Compared to existing approaches, TMAP is sensitive to an organization’s business value priorities and IT environment. It distills the technical details of thousands of relevant software vulnerabilities into management-friendly numbers at a high-level. T-MAP can help system designers evaluate the security performance of COTS systems and analyze the effectiveness of security practices. In the case study, we demonstrate the steps of using T-MAP to analyze the cost-effectiveness of how system patching and upgrades can improve security. In addition, we introduce a software tool that automates the T-MAP.
Real-time TrafficAttack Paths | Biometrics | HICSS 2007 | Quantitative Threat Modeling | System Sciences | Threat Modeling Method |
Related Content
| Added | 02 Jun 2010 |
| Updated | 02 Jun 2010 |
| Type | Conference |
| Year | 2007 |
| Where | HICSS |
| Authors | Yue Chen, Barry W. Boehm, Luke Sheppard |
Comments (0)
Researcher Info
|
