Model-based Cybersecurity Analysis: Past Work and Future Directions

by   Simon Yusuf Enoch, et al.

Model-based evaluation in cybersecurity has a long history. Attack Graphs (AGs) and Attack Trees (ATs) were the earlier developed graphical security models for cybersecurity analysis. However, they have limitations (e.g., scalability problem, state-space explosion problem, etc.) and lack the ability to capture other security features (e.g., countermeasures). To address the limitations and to cope with various security features, a graphical security model named attack countermeasure tree (ACT) was developed to perform security analysis by taking into account both attacks and countermeasures. In our research, we have developed different variants of a hierarchical graphical security model to solve the complexity, dynamicity, and scalability issues involved with security models in the security analysis of systems. In this paper, we summarize and classify security models into the following; graph-based, tree-based, and hybrid security models. We discuss the development of a hierarchical attack representation model (HARM) and different variants of the HARM, its applications, and usability in a variety of domains including the Internet of Things (IoT), Cloud, Software-Defined Networking, and Moving Target Defenses. We provide the classification of the security metrics, including their discussions. Finally, we highlight existing problems and suggest future research directions in the area of graphical security models and applications. As a result of this work, a decision-maker can understand which type of HARM will suit their network or security analysis requirements.


Security Threats and Research Challenges of IoT-A Review

Internet of things (IoT) is the epitome of sustainable development. It h...

A Survey of Automatic Generation of Attack Trees and Attack Graphs

Graphical security models constitute a well-known, user-friendly way to ...

GRAVITAS: Graphical Reticulated Attack Vectors for Internet-of-Things Aggregate Security

Internet-of-Things (IoT) and cyber-physical systems (CPSs) may consist o...

New Problems and Solutions in IoT Security and Privacy

In a previous article for S P magazine, we made a case for the new int...

Efficient Algorithms for Quantitative Attack Tree Analysis

Numerous analysis methods for quantitative attack tree analysis have bee...

Composite Metrics for Network Security Analysis

Security metrics present the security level of a system or a network in ...

Reasoning about inter-procedural security requirements in IoT applications

The importance of information security dramatically increased and will f...

Please sign up or login with your details

Forgot password? Click here to reset