Abstract
Enterprise systems are growing in complexity, and the adoption of cloud and mobile services has greatly increased the attack surface. To proactively address these security issues in enterprise systems, this paper proposes a threat modeling language for enterprise security based on the MITRE Enterprise ATT&CK Matrix. It is designed using the Meta Attack Language framework and focuses on describing system assets, attack steps, defenses, and asset associations. The attack steps in the language represent adversary techniques as listed and described by MITRE. This entity-relationship model describes enterprise IT systems as a whole; by using available tools, the proposed language enables attack simulations on its system model instances. These simulations can be used to investigate security settings and architectural changes that might be implemented to secure the system more effectively. Our proposed language is tested with a number of unit and integration tests. This is visualized in the paper with two real cyber attacks modeled and simulated.
Funder
Swedish Governmental Agency for Innovation Systems
Energimyndigheten
Publisher
Springer Science and Business Media LLC
Subject
Modeling and Simulation, Software
Cited by
44 articles.