Model of Threats to Computer Network Software

Novokhrestov, Aleksey; Konev, Anton; Shelupanov, Alexander

doi:10.3390/sym11121506

Cited by 10 publications

(6 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Brief Description [128] The article highlights the problem of identifying threats to the information security of computer networks. The analysis of computer network models used to identify threats, as well as approaches to the construction of such models, was carried out.…”

Section: Publicationmentioning

confidence: 99%

“…in the OS, what parameters it has and what functions it performs, and this is a necessary measure for threat analysis. The authors of [120,126,128,129] described, in detail, the models of the system and threats in both verbal and mathematical forms, which allows them to be used as a basis for further scientific research in this field.…”

Section: Publicationmentioning

confidence: 99%

“…In [128], the authors analyzed existing models of computer networks that use threat detection, as well as existing approaches to building threat models for computer networks. Based on the analysis, a computer network model based on the mathematical apparatus of attributive metagraphs was developed.…”

Section: Publicationmentioning

confidence: 99%

See 2 more Smart Citations

A Survey on Threat-Modeling Techniques: Protected Objects and Classification of Threats

et al. 2022

Self Cite

View full text Add to dashboard Cite

Information security is one of the most important attributes of distributed systems that often operate on unreliable networks. Enabling security features during the development of a distributed system requires the careful analysis of potential attacks or threats in different contexts, a process often referred to as «threat modeling». Information protection should be comprehensive, but it is also necessary to take into account the possibility of the emergence of threats specific to a certain information system. Many public and private organizations are still trying to implement system models and the threats directed at them on their own. The main reason for this is the lack of useful and high-quality methodologies that can help developers design system models. This review explores a variety of the literature on confidentiality- and integrity-aware system design methodologies, as well as threat classification methods, and identifies key issues that may be referenced by organizations to make design system processes easier. In particular, this article takes a look at the extent to which existing methodologies cover objects of protection and methods of classifying threats, as well as whether there are such models of systems in which the object itself and the threats directed at it are described. This includes whether the compiled models exhibit symmetry or asymmetry. This literature research shows that methodologies appear to be heterogeneous and versatile, since existing methodologies often only focus on one object of protection (a system). Based on the given analysis, it can be concluded that the existing methodologies only relate superficially to the description of system models and threats, and it is necessary to develop a more complete abstract model of the protected object and threats aimed at it in order to make this model suitable for any organization and protect it against most threats.

show abstract

Section: Publicationmentioning

confidence: 99%

Section: Publicationmentioning

confidence: 99%

See 1 more Smart Citation

A Survey on Threat-Modeling Techniques: Protected Objects and Classification of Threats

et al. 2022

Self Cite

View full text Add to dashboard Cite

show abstract

“…As previously stated, we are addressing a novel task when establishing a categorization for manipulation techniques; our position is to keep it as simple as possible, and following this approach, we can subdivide manipulation techniques into three families: fabrication, modification, and cancellation, as stated in [67,68]. These three families are capable of including different threats classification, for example, those presented in [69] against integrity, which refer to substitution, change (both considered inside modification), removal (cancellation), and addition (fabrication).…”

Section: Manipulationmentioning

confidence: 99%

CNA Tactics and Techniques: A Structure Proposal

Villalón-Huerta

Ripoll

Marco-Gisbert

2021

JSAN

View full text Add to dashboard Cite

Destructive and control operations are today a major threat for cyber physical systems. These operations, known as Computer Network Attack (CNA), and usually linked to state-sponsored actors, are much less analyzed than Computer Network Exploitation activities (CNE), those related to intelligence gathering. While in CNE operations the main tactics and techniques are defined and well structured, in CNA there is a lack of such consensuated approaches. This situation hinders the modeling of threat actors, which prevents an accurate definition of control to identify and to neutralize malicious activities. In this paper, we propose the first global approach for CNA operations that can be used to map real-world activities. The proposal significantly reduces the amount of effort need to identify, analyze, and neutralize advanced threat actors targeting cyber physical systems. It follows a logical structure that can be easy to expand and adapt.

show abstract

“…The possibility of implementing threats and countermeasures to them with the use of methods of information security of telecommunication networks (these criteria are described in more detail in the works [1,2]); • Using the maximum number of possible layers of the data communication protocol stack.…”

mentioning

confidence: 99%

Implementation and Evaluation of Nodal Distribution and Movement in a 5G Mobile Network

et al. 2021

Self Cite

View full text Add to dashboard Cite

The determining factor in the accelerated pace of informatization is the increase in the speed and reliability of data transmission networks. In this regard, new and existing standards are developed and modernized. A lot of organizations are constantly working on the development and implementation of new generation communication networks. This article provides an overview of available software solutions that allow us to investigate and evaluate the behavior of data networks. In particular, tools suitable for mobile communication systems were determined, having sufficient built-in functionality and allowing us to add our own implementations. NS3 has been chosen as a suitable network simulator. Apart from the review, a solution for this tool was developed. It allows estimating the reliability of data transmission from the start movement of a network node at all times during its removal from a base station.

show abstract

Model of Threats to Computer Network Software

Cited by 10 publications

References 31 publications

A Survey on Threat-Modeling Techniques: Protected Objects and Classification of Threats

A Survey on Threat-Modeling Techniques: Protected Objects and Classification of Threats

CNA Tactics and Techniques: A Structure Proposal

Implementation and Evaluation of Nodal Distribution and Movement in a 5G Mobile Network

Contact Info

Product

Resources

About