kth.sePublications KTH
EnglishSvenskaNorsk
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Integrating Security Behavior into Attack Simulations
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering. (Software Systems Architecture and Security)ORCID iD: 0000-0003-0478-9347
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.ORCID iD: 0000-0002-1723-5741
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.ORCID iD: 0000-0003-3089-3885
Swedish Defence University.
Show others and affiliations
2021 (English)In: ARES 2021: The 16th International Conference on Availability, Reliability and Security, Association for Computing Machinery , 2021Conference paper, Published paper (Refereed)
Abstract [en]

The increase of cyber-attacks raised security concerns for critical assets worldwide in the last decade. Leading to more efforts spent towards increasing the cyber security among companies and countries. For the sake of enhancing cyber security, representation and testing of attacks have prime importance in understanding system vulnerabilities. One of the available tools for simulating attacks on systems is the Meta Attack Language (MAL), which allows representing the effects of certain cyber-attacks. However, only understanding the component vulnerabilities is not enough in securing enterprise systems. Another important factor is the "human", which constitutes the biggest "insider threat". For this, Security Behavior Analysis (SBA) helps understanding which system components that might be directly affected by the "human". As such, in this work, the authors present an approach for integrating user actions, so called "security behavior", by mapping SBA to a MAL-based language through MITRE ATT&CK techniques.
Place, publisher, year, edition, pages
Association for Computing Machinery , 2021.
Series
ARES 2021
Keywords [en]
Security Behavior, Attack Simulations, Integration
National Category
Information Systems
Identifiers
URN: urn:nbn:se:kth:diva-300454DOI: 10.1145/3465481.3470475ISI: 000749539200157Scopus ID: 2-s2.0-85113199864OAI: oai:DiVA.org:kth-300454DiVA, id: diva2:1589806
Conference
The 16th International Conference on Availability, Reliability and Security, Vienna Austria August 17 - 20, 2021
Note

QC 20220308

Available from: 2021-09-01 Created: 2021-09-01 Last updated: 2022-12-20Bibliographically approved

Open Access in DiVA

fulltext(1300 kB)933 downloads
File information
File name FULLTEXT01.pdfFile size 1300 kBChecksum SHA-512
02d10b16d04c1d12432130a4840f31dbe10ad8c9ee7d45b84cf40e327c8833834fbfe102211fb8a6806edc0be73920ca8b14cfe89f48a82fbeee7b3e9c0cb466
Type fulltextMimetype application/pdf

Other links

Publisher's full textScopusPublisher

Authority records

Hacks, SimonButun, IsmailLagerström, Robert

Search in DiVA

By author/editor
Hacks, SimonButun, IsmailLagerström, Robert
By organisation
Network and Systems Engineering
Information Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 937 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 498 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.47.0
|
WCAG
|
KTH Library
|
DiVA support
|
Register in DiVA
|
Posting your thesis
|
SwePub
|
About Open Access