Title :
Implementing the ADVISE security modeling formalism in Möbius
Author :
Ford, Michael D. ; Keefe, Ken ; Lemay, E. ; Sanders, William H. ; Muehrcke, Carol
Author_Institution :
Dept. of Electr. & Comput. Eng., Univ. of Illinois at Urbana-Champaign, Champaign, IL, USA
Abstract :
The ADversary VIew Security Evaluation (ADVISE) model formalism provides a system security model from the perspective of an adversary. An ADVISE atomic model consists of an attack execution graph (AEG) composed of attack steps, system state variables, and attack goals, as well as an adversary profile that defines the abilities and interests of a particular adversary. The ADVISE formalism has been implemented as a Möbius atomic model formalism in order to leverage the existing set of mature modeling formalisms and solution techniques offered by Möbius. This tool paper explains the ADVISE implementation in Möbius and provides technical details for Möbius users who want to use ADVISE either alone or in combination with other modeling formalisms provided by Möbius.
Keywords :
graph theory; security of data; ADVISE implementation; ADVISE security modeling formalism; AEG; Mobius atomic model formalism; Mobius users; adversary view security evaluation model formalism; attack execution graph; attack goals; system security model; system state variables; Computational modeling; Measurement; Object oriented modeling; Planning; Predictive models; Security; Web servers; Möbius Atomic Model Formalism; Quantitative Security Metrics; State-based Security Model;
Conference_Titel :
Dependable Systems and Networks (DSN), 2013 43rd Annual IEEE/IFIP International Conference on
Conference_Location :
Budapest
Print_ISBN :
978-1-4673-6471-3
DOI :
10.1109/DSN.2013.6575362
