Information requirements study for a technology-based computer network threat model

Authors
  1. Douba, S.
Corporate Authors
Defence R&D Canada - Ottawa, Ottawa ONT (CAN); Cygnos IT Security, Ottawa Ont (CAN)
Abstract
In this work we present a threat model with two features that distinguish it from those prevailing in the industry, in both the private and public sectors. Firstly, the model attempts to determine the relative likelihood of a threat posed by an attacker attempting to leverage an existing vulnerability he is aware of vis-à-vis other existing vulnerabilities, regardless of motive. Secondly, in an effort to make the assessment representative of reality, the model defines directly measurable attributes for which answers can be found in commonly available security bulletins, forums and vulnerability databases such as the National Vulnerability Database (NVD) and the Common Weakness Enumeration (CWE). The study builds on and extends some of the established vulnerability attributes agreed on by the industry, such as those incorporated into the Common Vulnerability Scoring System (CVSS) rating methodology. New attributes are introduced, others are left intact, and parametric factors for some are altered, modified or replaced to allow for an informed assessment away from subjective considerations. Because the threat model considers the attacker’s perspective only, regardless of motivation, risk-related factors were not considered. A corresponding relational UML model is consequently depicted. Finally, a TOPSIS Multi-Attribute Decision Making computational technique for ranking threats based on identified system or network vulnerabilities is presented.

A French abstract is available here.

Report Number
DRDC-OTTAWA-CR-2010-083 — Contractor Report
Date of publication
01 Jun 2010
Number of Pages
40
DSTKIM No
CA034166
CANDIS No
533587
Format(s):
Electronic Document (PDF)
