Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Analysis and Visualization of Attacks on Organizations
KTH, School of Information and Communication Technology (ICT).
2016 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

Graphical system models enable the modelling of organisations on layers that are relevant for attacks – the physical, virtual, and social layer. Recently, these models have been used for automatically identifying possible attacks on the modelled organisation. The generated attacks consider all three layers, making the contribution of building infrastructure, computer infrastructure, and humans (insiders and outsiders) explicit. However, this contribution is only visible in the attack trees as part of the performed steps; it cannot be mapped back to the model directly since the actions usually involve several elements (attacker and targeted actor or asset). Especially for large attack trees, visualising these relations between several model components quickly results in a large quantity of interrelations, which are hard to grasp. In this work we present several approaches for visualising attributes of attacks such as likelihood of success, impact, and required time or skill level. The resulting visualisations provide a link between graphical attack models and graphical system models.

Place, publisher, year, edition, pages
2016. , 76 p.
Series
TRITA-ICT-EX, 2016:41
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
URN: urn:nbn:se:kth:diva-204884OAI: oai:DiVA.org:kth-204884DiVA: diva2:1086517
Subject / course
Electrical Engineering
Educational program
Master of Science -Security and Mobile Computing
Supervisors
Examiners
Available from: 2017-04-03 Created: 2017-04-03 Last updated: 2017-04-21Bibliographically approved

Open Access in DiVA

fulltext(1244 kB)27 downloads
File information
File name FULLTEXT01.pdfFile size 1244 kBChecksum SHA-512
3053e81c92e2cd9ee8cee09f8d9b87c713d0ba2013a244c9bd06d50e01988fca9311a9729f657a98930c79b627052961ee3444240d1a1aaec30e5c38d62ba878
Type fulltextMimetype application/pdf

By organisation
School of Information and Communication Technology (ICT)
Electrical Engineering, Electronic Engineering, Information Engineering

Search outside of DiVA

GoogleGoogle Scholar
Total: 27 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 31 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf