一种用于安全评估和增强规划的威胁分析方法

2009 Third International Conference on Emerging Security Information, Systems and Technologies Pub Date : 2009-06-18 DOI:10.1109/SECURWARE.2009.47

Antonietta Stango, N. Prasad, D. Kyriazanos

{"title":"一种用于安全评估和增强规划的威胁分析方法","authors":"Antonietta Stango, N. Prasad, D. Kyriazanos","doi":"10.1109/SECURWARE.2009.47","DOIUrl":null,"url":null,"abstract":"Threat analysis gives how potential adversaries exploit system weakness to achieve their goals. It identifies threats and defines a risk mitigation policy for a specific architecture, functionality and configuration. In a threat analysis security metrics are a challenging requirement in order to determine the status of network security performance and to further enhance it by minimizing exposure to considerable threats and vulnerabilities. In this paper the authors propose a generic methodology for threat analysis and security metrics in order to prioritize threats and vulnerabilities and proceed with security enhancement planning in Personal Networks (PNs).","PeriodicalId":382947,"journal":{"name":"2009 Third International Conference on Emerging Security Information, Systems and Technologies","volume":"147 Pt 10 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"46","resultStr":"{\"title\":\"A Threat Analysis Methodology for Security Evaluation and Enhancement Planning\",\"authors\":\"Antonietta Stango, N. Prasad, D. Kyriazanos\",\"doi\":\"10.1109/SECURWARE.2009.47\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Threat analysis gives how potential adversaries exploit system weakness to achieve their goals. It identifies threats and defines a risk mitigation policy for a specific architecture, functionality and configuration. In a threat analysis security metrics are a challenging requirement in order to determine the status of network security performance and to further enhance it by minimizing exposure to considerable threats and vulnerabilities. In this paper the authors propose a generic methodology for threat analysis and security metrics in order to prioritize threats and vulnerabilities and proceed with security enhancement planning in Personal Networks (PNs).\",\"PeriodicalId\":382947,\"journal\":{\"name\":\"2009 Third International Conference on Emerging Security Information, Systems and Technologies\",\"volume\":\"147 Pt 10 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-06-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"46\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2009 Third International Conference on Emerging Security Information, Systems and Technologies\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SECURWARE.2009.47\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 Third International Conference on Emerging Security Information, Systems and Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SECURWARE.2009.47","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 46

摘要

威胁分析给出了潜在的对手如何利用系统弱点来实现他们的目标。它识别威胁，并为特定的体系结构、功能和配置定义风险缓解策略。在威胁分析中，为了确定网络安全性能的状态并通过最小化暴露于相当大的威胁和漏洞来进一步增强它，安全度量是一项具有挑战性的需求。在本文中，作者提出了一种用于威胁分析和安全度量的通用方法，以便优先考虑威胁和漏洞，并继续进行个人网络(pn)的安全增强规划。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A Threat Analysis Methodology for Security Evaluation and Enhancement Planning

Threat analysis gives how potential adversaries exploit system weakness to achieve their goals. It identifies threats and defines a risk mitigation policy for a specific architecture, functionality and configuration. In a threat analysis security metrics are a challenging requirement in order to determine the status of network security performance and to further enhance it by minimizing exposure to considerable threats and vulnerabilities. In this paper the authors propose a generic methodology for threat analysis and security metrics in order to prioritize threats and vulnerabilities and proceed with security enhancement planning in Personal Networks (PNs).

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2009 Third International Conference on Emerging Security Information, Systems and Technologies

自引率

0.00%

发文量