Ajou University repository

Threat-driven Risk Assessment for APT Attacks using Risk-Aware Problem Domain Ontology
Citations

SCOPUS

0

Citation Export

Publication Year
2022-01-01
Journal
Proceedings of the IEEE International Conference on Requirements Engineering
Publisher
IEEE Computer Society
Citation
Proceedings of the IEEE International Conference on Requirements Engineering, pp.226-231
Keyword
advanced persistent threatbusiness process-based asset identificationevidence-based risk evaluationrisk-aware problem domain ontologythreat-driven risk assessment
Mesh Keyword
Advanced persistent threatAsset identificationBusiness ProcessBusiness process-based asset identificationDomain ontologiesEvidence-basedEvidence-based risk evaluationProblem domainProcess-basedRisk awareRisk evaluationRisk-aware problem domain ontologyRisks assessmentsThreat-driven risk assessment
All Science Classification Codes (ASJC)
Computer Science (all)Engineering (all)Strategy and Management
Abstract
Cybersecurity attacks, which have many business impacts, continuously become more intelligent and complex. These attacks take the form of a combination of various attack elements. APT attacks reflect this characteristic well. To defend against APT attacks, organizations should sufficiently understand these attacks based on the attack elements and their relations and actively defend against these attacks in multiple dimensions. Most organizations perform risk management to manage their information security. Generally, they use the information system risk assessment (ISRA). However, the method has difficulties supporting sufficiently analyzing security risks and actively responding to these attacks due to the limitations of asset-driven qualitative evaluation activities. In this paper, we propose a threat-driven risk assessment method. This method can evaluate how dangerous APT attacks are for an organization, analyze security risks from multiple perspectives, and support establishing an adaptive security strategy.
Language
eng
URI
https://aurora.ajou.ac.kr/handle/2018.oak/36833
https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=85142265119&origin=inward
DOI
https://doi.org/10.1109/rew56159.2022.00050
Type
Conference
Funding
This research was supported by the Basic Science Research Program through the National Research Foundation of Korea (NKF), funded by the Ministry of Science and ICT (NRF-2020R1F1A1075605), and the BK21 FOUR program of the National Research Foundation of Korea, funded by the Ministry of Education (NRF5199991014091).
Show full item record

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.

Related Researcher

Lee, Seok-Won Image
Lee, Seok-Won이석원
Department of Software and Computer Engineering
Read More

Total Views & Downloads

File Download

  • There are no files associated with this item.