• DocumentCode
    1833524
  • Title

    Here´s Johnny: A Methodology for Developing Attacker Personas

  • Author

    Atzeni, Andrea ; Cameroni, Cesare ; Faily, Shamal ; Lyle, John ; Flechais, Ivan

  • Author_Institution
    Dip. di Autom. e Inf., Politec. di Torino, Torino, Italy
  • fYear
    2011
  • fDate
    22-26 Aug. 2011
  • Firstpage
    722
  • Lastpage
    727
  • Abstract
    The adversarial element is an intrinsic part of the design of secure systems, but our assumptions about attackers and threat is often limited or stereotypical. Although there has been previous work on applying User-Centered Design on Persona development to build personas for possible attackers, such work is only speculative and fails to build upon recent research. This paper presents an approach for developing Attacker Personas which is both grounded and validated by structured data about attackers. We describe a case study example where the personas were developed and used to support the development of a Context of Use description for the EU FP7 webinos project.
  • Keywords
    data structures; security of data; user centred design; EU FP7 webinos project; adversarial element; attacker personas; persona development; secure systems; structured data; user-centered design; Conferences; Context; Helium; Security; Taxonomy; Usability; Attack Tree; Attacker; Persona; Toulmin Model;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Availability, Reliability and Security (ARES), 2011 Sixth International Conference on
  • Conference_Location
    Vienna
  • Print_ISBN
    978-1-4577-0979-1
  • Electronic_ISBN
    978-0-7695-4485-4
  • Type

    conf

  • DOI
    10.1109/ARES.2011.115
  • Filename
    6046027
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1833524