检索结果-南通市图书馆

threat modeling and Risk Assessment in Automotive Domain Based on Stochastic Petri Net

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Threat Modeling and Risk Assessment in Automotive Domain Bas...

Automating threat modeling using an ontology framework

2020中国汽车工程学会年会暨展览会

作者： Luo Feng Pan Wenwen Hou Shuo Zhang Xuan Yang Zhenyu School of Automotive Studies Tongji University

To accommodate modern applications,vehicles have become increasingly *** we get benefit from it,the problem of Cybersecurity becomes more and more ***,we have more and more security and privacy challenges for the design of automotive applications and *** known that threat analysis and risk assessment is the key point in the security life cycle,in this paper,we propose a method of threat modeling and risk assessment in automotive ***,we find the vulnerability and threat of automotive system from existing ***,combining stochastic Petri net with Markov chain,we come up a method for probabilistic risk *** the method,we can analyse and evaluate the system by four ***,a case study of the firmware update is *** indicates that this method is efficient.

关键词： automotive security stochastic petri net threat modeling risk assessment

来源： cnki会议评论

在线全文

cnki会议

学校读者我要写书评

暂无评论

Cybersecurity 2018年第1期1卷 893-912页

作者： Margus Valja Fredrik Heiding Ulrik Franke Robert Lagerstrom KTH Royal Institute of Technology 10044 StockholmSweden RISE Research Institutes of Sweden 16440 KistaSweden

threat modeling is of increasing importance to IT security,and it is a complex and resource demanding *** aim of automating threat modeling is to simplify model creation by using data that are already ***,the collected data often lack context;this can make the automated models less precise in terms of domain knowledge than those created by an expert human *** lack of domain knowledge in modeling automation can be addressed with *** this paper,we introduce an ontology framework to improve automatic threat *** framework is developed with conceptual modeling and validated using three different datasets:a small scale utility lab,water utility control network,and university IT *** framework produced successful results such as standardizing input sources,removing duplicate name entries,and grouping application software more logically.

关键词： threat modeling Ontologies Automated modeling Conceptual models Ontology framework

Cyber Resilience through Real-Time threat Analysis in Information Security

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

International Journal of Communications, Network and System Sciences 2024年第4期17卷 51-67页

作者： Aparna Gadhi Ragha Madhavi Gondu Hitendra Chaudhary Olatunde Abiona Department of Computer Information Systems Indiana University Northwest Gary IN USA

This paper examines how cybersecurity is developing and how it relates to more conventional information security. Although information security and cyber security are sometimes used synonymously, this study contends that they are not the same. The concept of cyber security is explored, which goes beyond protecting information resources to include a wider variety of assets, including people [1]. Protecting information assets is the main goal of traditional information security, with consideration to the human element and how people fit into the security process. On the other hand, cyber security adds a new level of complexity, as people might unintentionally contribute to or become targets of cyberattacks. This aspect presents moral questions since it is becoming more widely accepted that society has a duty to protect weaker members of society, including children [1]. The study emphasizes how important cyber security is on a larger scale, with many countries creating plans and laws to counteract cyberattacks. Nevertheless, a lot of these sources frequently neglect to define the differences or the relationship between information security and cyber security [1]. The paper focus on differentiating between cybersecurity and information security on a larger scale. The study also highlights other areas of cybersecurity which includes defending people, social norms, and vital infrastructure from threats that arise from online in addition to information and technology protection. It contends that ethical issues and the human factor are becoming more and more important in protecting assets in the digital age, and that cyber security is a paradigm shift in this regard [1].

关键词： Cybersecurity Information Security Network Security Cyber Resilience Real-Time threat Analysis Cyber threats Cyberattacks threat Intelligence Machine Learning Artificial Intelligence threat Detection threat Mitigation Risk Assessment Vulnerability Management Incident Response Security Orchestration Automation threat Landscape Cyber-Physical Systems Critical Infrastructure Data Protection Privacy Compliance Regulations Policy Ethics Cybercrime threat Actors threat modeling Security Architecture

Application Research on Two-Layer threat Prediction Model Based on Event Graph

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Computers, Materials & Continua 2023年第12期77卷 3993-4023页

作者： Shuqin Zhang Xinyu Su Yunfei Han Tianhui Du Peiyu Shi School of Computer Science Zhongyuan University of TechnologyZhengzhouHEN037China

Advanced Persistent threat(APT)is now the most common network ***,the existing threat analysis models cannot simultaneously predict the macro-development trend and micro-propagation path of APT *** cannot provide rapid and accurate early warning and decision responses to the present system state because they are inadequate at deducing the risk evolution rules of network *** address the above problems,firstly,this paper constructs the multi-source threat element analysis ontology(MTEAO)by integrating multi-source network security knowledge ***,based on MTEAO,we propose a two-layer threat prediction model(TL-TPM)that combines the knowledge graph and the event *** macro-layer of TL-TPM is based on the knowledge graph to derive the propagation path of threats among devices and to correlate threat elements for threat warning and decision-making;The micro-layer ingeniously maps the attack graph onto the event graph and derives the evolution path of attack techniques based on the event graph to improve the explainability of the evolution of threat *** experiment’s results demonstrate that TL-TPM can completely depict the threat development trend,and the early warning results are more precise and scientific,offering knowledge and guidance for active defense.

关键词： Knowledge graph multi-source data fusion network security threat modeling event graph absorbing Markov chain threat propagation path

CPIS-compliance Security Requirement Analysis for Software Development

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

CPIS-compliance Security Requirement Analysis for Software D...