{"title":"基于特征的个人网络安全分析","authors":"Andrew J. Paverd, F. El-Moussa, I. Brown","doi":"10.1145/2638728.2641549","DOIUrl":null,"url":null,"abstract":"The Personal Network (PN) is a logical network of interconnected components used by an individual. It encompasses the home network, the Personal Area Network (PAN), and the Vehicular Area Network (VAN) and includes cloud-based services. Previous security analyses, including ITU-T Recommendation X.1111, have focussed on the individual physical networks rather than the PN itself. By consolidating and structuring previous work, we propose an updated and enhanced security analysis for the PN. In our characteristic-based approach we identify the primary characteristics of the PN and its components and use these to develop an abstract PN asset model. From this, we derive the main attacker objectives and a list of attack vectors through which these could be achieved. We propose a mapping between the attack vectors and the PN component characteristics that can be used to determine the specific attacks to which a particular component is vulnerable. In this paper, we present a summary of this analysis and discuss its usage.","PeriodicalId":20496,"journal":{"name":"Proceedings of the 2014 ACM International Joint Conference on Pervasive and Ubiquitous Computing: Adjunct Publication","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2014-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Characteristic-based security analysis of personal networks\",\"authors\":\"Andrew J. Paverd, F. El-Moussa, I. Brown\",\"doi\":\"10.1145/2638728.2641549\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The Personal Network (PN) is a logical network of interconnected components used by an individual. It encompasses the home network, the Personal Area Network (PAN), and the Vehicular Area Network (VAN) and includes cloud-based services. Previous security analyses, including ITU-T Recommendation X.1111, have focussed on the individual physical networks rather than the PN itself. By consolidating and structuring previous work, we propose an updated and enhanced security analysis for the PN. In our characteristic-based approach we identify the primary characteristics of the PN and its components and use these to develop an abstract PN asset model. From this, we derive the main attacker objectives and a list of attack vectors through which these could be achieved. We propose a mapping between the attack vectors and the PN component characteristics that can be used to determine the specific attacks to which a particular component is vulnerable. In this paper, we present a summary of this analysis and discuss its usage.\",\"PeriodicalId\":20496,\"journal\":{\"name\":\"Proceedings of the 2014 ACM International Joint Conference on Pervasive and Ubiquitous Computing: Adjunct Publication\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-09-13\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 2014 ACM International Joint Conference on Pervasive and Ubiquitous Computing: Adjunct Publication\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2638728.2641549\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2014 ACM International Joint Conference on Pervasive and Ubiquitous Computing: Adjunct Publication","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2638728.2641549","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Characteristic-based security analysis of personal networks
The Personal Network (PN) is a logical network of interconnected components used by an individual. It encompasses the home network, the Personal Area Network (PAN), and the Vehicular Area Network (VAN) and includes cloud-based services. Previous security analyses, including ITU-T Recommendation X.1111, have focussed on the individual physical networks rather than the PN itself. By consolidating and structuring previous work, we propose an updated and enhanced security analysis for the PN. In our characteristic-based approach we identify the primary characteristics of the PN and its components and use these to develop an abstract PN asset model. From this, we derive the main attacker objectives and a list of attack vectors through which these could be achieved. We propose a mapping between the attack vectors and the PN component characteristics that can be used to determine the specific attacks to which a particular component is vulnerable. In this paper, we present a summary of this analysis and discuss its usage.