{"title":"Intelligence Gathering","authors":"Vic Vandal","doi":"10.1002/9781119491774.ch2","DOIUrl":"https://doi.org/10.1002/9781119491774.ch2","url":null,"abstract":"We must recognize that \"documentation\" and \"evidence\" often mean nothing in this age. Remember the doctored video which the Feds and media used to demonize David Koresh at Waco? Koresh had been accused of getting a 70 year old woman pregnant, so sarcastically he joked, \"If I can impregnate a 70 year old woman, then I guess I am God.\" the media played the last three words, \"I am God,\" endlessly to demonize him. Then, also, of course, they employed their favorite tactic, accusing him of sexual impropriety with young girls. And that, too, turned out to be false propaganda. Not that I am defending Mr. Koresh for his religious views, which were multi-racial and universalist, but the points are as follows:","PeriodicalId":253087,"journal":{"name":"Hacking Connected Cars","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-03-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128042559","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Threat Modeling","authors":"James Helfrich","doi":"10.1201/9780429506475-12","DOIUrl":"https://doi.org/10.1201/9780429506475-12","url":null,"abstract":"Threat modeling and analysis provides a complete view about the security of a system. It is performed by a systematic and strategic way for identifying and enumerating threats to a system. 1. Some Common Definition (RFC 2828) Vulnerability: \" A flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy \" Threat: \" A potential for violation of security, which exists when there is a circumstance, capability, action, or event that could breach security and cause harm... a threat is a possible danger that might exploit a vulnerability \" Attack: \" An assault on system security that derives from an intelligent threat, to evade security services and violate the security policy of a system. \" 2. Modeling Phases We are currently following an iterative step, starting from the higher level – identifying major components and identification of threats from overall perspective. In the second part, we are performing threat analysis for each of the earlier identified components then passing data through those components from identified major use case. Finally, we merge the analysis report to one. Questions: component breakdown or use case breakdown is better option ? Figure 1: An iterative process for threat identification","PeriodicalId":253087,"journal":{"name":"Hacking Connected Cars","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-12-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124598176","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
求助内容:
应助结果提醒方式: