Comparing two techniques for intrusion visualization Vikash Katta 1,3, Peter Karpati 1, Andreas L. Opdahl 2, Christian Raspotnig 2,3 & Guttorm Sindre 1.


1 Comparing two techniques for intrusion visualization
Vikash Katta 1,3, Peter Karpati 1, Andreas L. Opdahl 2, Christian Raspotnig 2,3 & Guttorm Sindre 1
1) Norwegian University of Science and Technology, Trondheim
2) University of Bergen, Norway
3) Institute for Energy Technology, Halden, Norway
Andreas.Opdahl@uib.no

2 The ReqSec Project
- Method and tool support for security requirements engineering:
  - involve non-experts
  - lightweight
  - integrated, add-on
  - industrially evaluated
- Funded by the Norwegian Research Council (NFR), 2008-2012
- Many techniques proposed, e.g., anti-behaviours...

3 Perspective
- System security models:
  - black-box models of monolithic systems
  - single systems
  - security analysis and specification
- Security architecture models:
  - high-level organisational views
  - enterprise architecture for security
- Need for intermediate solutions:
  - security modelling for SOA
  - white-box models of service collaborations
  - bordering organisation and technology

4 Misuse Case Maps (MUCM)
- Inspired by Use Case Maps (R.J.A. Buhr, D. Amyot...)

5 Misuse Case Maps (MUCM)
- Use case maps: components, scenario paths, responsibilities
- Misuse case maps: vulnerabilities, exploit paths, vulnerable responsibility
- Preliminary evaluations:
  - good for architectural overviews
  - need better visualisation of attack step sequences

6 Misuse Sequence Diagrams (MUSD)

7
- Sequence diagrams: actor, object/component, action, event/message
- Misuse sequence diagrams: attacker, vulnerability, exploit action and event/message
- Initial evaluation:
  - can MUSD complement MUCM?
  - how do the two techniques compare wrt. understanding, performance, perception

8 Comparison
- Controlled experiment with 42 subjects
- Latin squares organisation, random assignment
- Treatment (independent variables):
  - technique: MUCM, MUSD
  - task: bank intrusion (BAN), penetration test (PEN)
- Measures (dependent variables):
  - understanding (UND)
  - performance (VULN, MITIG, VUMI)
  - perception (PER)
- Control (control variables):
  - background (KNOW, STUDY, JOB)

9 Hypotheses
- H1_1: MUCM better on architectural questions
- H2_1: MUSD better for temporal sequence questions
- H3_1: Either technique better on the neutral questions
- H4_1: Either technique better overall
- H5_1: Different numbers of vulnerabilities identified
- H6_1: Different numbers of mitigations identified
- H7_1: Different total numbers of vulnerabilities and mitigations identified
- H8_1: Usefulness perceived differently
- H9_1: Ease of use perceived differently
- H10_1: Intentions to use perceived differently
- H11_1: MUCM and MUSD perceived differently

10 Procedure
- 4 groups of 10-11 2nd-year computer science students
- 10 steps:
  - Filling in the pre-experiment questionnaire (2 min)
  - Reading a short introduction to the experiment (1 min)
  - First technique on first task:
    - introduction to the technique (9 min)
    - read about task, looking at diagrams (12 min)
    - 20 true/false questions about the case (8 min)
    - finding vulnerabilities and mitigations (11 min)
    - post-experiment questionnaire (4 min)
  - Easy physical exercise (2 min)
  - Repeat for second technique and task (44 min)

11 Results
- Backgrounds:
  - No sig. differences between groups:
    - Kruskal-Wallis H test
    - 2-4 semesters of ICT studies
    - 2.07 months of job experience (three outliers)
  - Sig. knowledge differences across groups:
    - Wilcoxon signed-rank tests
    - KNOW_MOD > KNOW_SEC, p = .000
    - KNOW_SD > KNOW_UCM, p = .003
    - KNOW_MUSD ≈ KNOW_MUCM

12 Understanding
- Wilcoxon signed-rank tests
- H1 & H2 accepted, H3 & H4 rejected
- Medium effect size (Cohen)
- No impact of technique or task order

13 Performance
- Two blank outliers removed (from 11-student groups)
- H5, H6 & H7 rejected
- No impact of technique order
- More identifications for bank task

14 Perception
- H8, H9, H10 & H11 accepted
- Medium to large effect sizes (Cohen)
- Only one insig. statement (“would be useless”)
- More positive perception of first technique used

15 Conclusion
- The techniques are complementary
- They facilitate understanding better for their “intended use”:
  - MUCM best for architectural issues
  - MUSD best for temporal sequences
- They are equal in performance
  - the bank task was more productive
- MUSDs were perceived more positively
  - the first technique was perceived more positively
- Further work: simpler MUCMs, qualitative analysis, more techniques, industrial subjects, notation and method integration, industrial case studies and action research...

16 Central concepts
RFC 2828:
- vulnerability: a weakness in a system... that can be exploited to violate its security policy
- threat: a potential for violation of security... that could cause harm
- countermeasure: something that reduces a threat or attack by eliminating... preventing... minimizing the harm... or by reporting it to enable corrective action

