DOI: 10.1145/1852666.1852728
research-article

Threat agents: a necessary component of threat analysis

Published: 21 April 2010

Abstract

There have been significant achievements in defining and developing viable approaches to threat modeling and risk assessment techniques for a wide range of IT applications and computing environments. Most of the approaches have been qualitative, owing to the difficulty of quantifying all aspects of threat analysis. Some quantitative approaches, especially ones based on analysis of the cost of security, have been proposed as well, such as the "Total Cost of Security" described in [1]. The adjacent field of requirements engineering, which provides useful insight into threats and mitigations, has also flourished [2]. Qualitative studies have focused on introducing new taxonomies and ontologies [3], applying threat modeling techniques to new areas such as ad-hoc networks [4], or improving the prioritization and usability of existing approaches, such as the Common Vulnerability Scoring System [5]. Interest in applying the same models to hardware and software threat analysis is beginning to emerge [6], although the difficulties as well as the benefits of this approach are self-evident.

References

[1] Thomas, R. C. 2009. Total cost of security: a method for managing risks and incentives across the extended enterprise. In Proceedings of the 5th Annual Workshop on Cyber Security and information intelligence Research: Cyber Security and information intelligence Challenges and Strategies (Oak Ridge, Tennessee, April 13--15, 2009). F. Sheldon, G. Peterson, A. Krings, R. Abercrombie, and A. Mili, Eds. CSIIRW '09. ACM, New York, NY, 1--4.
[2] Cheng, B. H. and Atlee, J. M. 2007. Research Directions in Requirements Engineering. In 2007 Future of Software Engineering (May 23--25, 2007). International Conference on Software Engineering. IEEE Computer Society, Washington, DC, 285--303.
[3] Fenz, S. and Ekelhart, A. 2009. Formalizing information security knowledge. In Proceedings of the 4th international Symposium on information, Computer, and Communications Security (Sydney, Australia, March 10--12, 2009). ASIACCS '09. ACM, New York, NY, 183--194.
[4] Cardenas, A. A., Roosta, T., and Sastry, S. 2009. Rethinking security properties, threat models, and the design space in sensor networks: A case study in SCADA systems. Ad Hoc Netw. 7, 8 (Nov. 2009), 1434--1447.
[5] Fruhwirth, C. and Mannisto, T. 2009. Improving CVSS-based vulnerability prioritization and response with context information. In Proceedings of the 2009 3rd international Symposium on Empirical Software Engineering and Measurement (October 15--16, 2009). ESEM. IEEE Computer Society, Washington, DC, 535--544.
[6] Daruwala, B., Mandujano, S., Mangipudi, N. K., and Wong, H. 2009. Threat analysis for hardware and software products using HazOP. In Proceedings of the international Conference on Computational and information Science 2009 (Houston, USA, April 30 -- May 02, 2009). V. Zafiris, M. Benavides, K. Gao, S. Hashemi, K. Jegdic, G. A. Kouzaev, P. Simeonov, L. Vladareanu, and C. Vobach, Eds. Recent Advances In Electrical Engineering. World Scientific and Engineering Academy and Society (WSEAS), Stevens Point, Wisconsin, 446--453.
[7] DG Abraham, GM Dolan, GP Double, JV Stevens. 1991. Transaction Security System. In IBM Systems Journal, v 30 no 2 (1991), 206--229.
[8] Lukas Ruf, Consecom AG, Anthony Thorn, ATSS GmbH, Tobias Christen, Zürich Financial Services AG, Beatrice Gruber, Credit Suisse AG, Roland Portmann, Hochschule Luzern. Threat Modeling in Security Architecture - The Nature of Threats. ISSS Working Group. Available at: http://www.isss.ch/fileadmin/publ/agsa/ISSS-AG-Security-Architecture_Threat-Modeling_Lukas-Ruf.pdf
[9] Kim, Y., Park, G., Kim, T., and Lee, S. 2007. Security Evaluation for Information Assurance. In Proceedings of the 2007 international Conference Computational Science and Its Applications (August 26--29, 2007). ICCSA. IEEE Computer Society, Washington, DC, 227--230.
[10] Casey, Timothy. Threat Agent Library Helps Identify Information Security Risks. Available at: http://communities.intel.com/docs/DOC-1151
[11] Rosenquist, Matthew: Whitepaper: Prioritizing Information Security Risks with Threat Agent Risk Assessment. Available at: http://communities.intel.com/docs/DOC-4693
[12] Department of Homeland Security. Information Technology Sector Baseline Risk Assessment. August 2009. Available at: http://www.dhs.gov/xlibrary/assets/nipp_it_baseline_risk_assessment.pdf

Published In

CSIIRW '10: Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
April 2010
257 pages
ISBN:9781450300179
DOI:10.1145/1852666
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States
