Detailed Information
Cited 2 time in 
Cited 3 time in 
Cited 3 time in
Metadata Downloads
Towards enhanced threat modelling and analysis using a Markov Decision Process
Full metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Malik, Saif U. R. | - |
| dc.contributor.author | Anjum, Adeel | - |
| dc.contributor.author | Moqurrab, Syed Atif | - |
| dc.contributor.author | Srivastava, Gautam | - |
| dc.date.accessioned | 2023-07-12T08:40:09Z | - |
| dc.date.available | 2023-07-12T08:40:09Z | - |
| dc.date.created | 2023-07-12 | - |
| dc.date.issued | 2022-10-01 | - |
| dc.identifier.issn | 0140-3664 | - |
| dc.identifier.uri | https://scholarworks.bwise.kr/gachon/handle/2020.sw.gachon/88489 | - |
| dc.description.abstract | The complexity of socio-technical systems using Ambient Intelligence (AmI) and the Internet of Things (IoT) is growing exponentially, involving numerous entities, such as humans, infrastructures, and cyber systems. Achieving and maintaining a specified level of security and privacy in such systems is challenging and crucial. Attack Tree is a powerful technique used in safety and reliability engineering. In this paper, we attempted to enhance Attack Tree analysis by transforming it into a Markov Decision Process (MDP) model. We propose an algorithm to transform an Attack Tree into an MDP model. We argue that formal methods, such as probabilistic model checking can significantly improve the security analysis capabilities. Moreover, the mixture of MDP and probabilistic model checking can overcome the limitations of Attack Trees, such as state explosion, scalability, and manual interaction. We used a probabilistic model checker, namely PRISM to model an attack scenario and perform security analysis on it. To demonstrate the significance, we took a real-world use case and performed a probabilistic analysis on it. The results revealed that formal analysis can prove certain properties, which were not possible to verify using attack trees. | - |
| dc.language | 영어 | - |
| dc.language.iso | en | - |
| dc.publisher | ELSEVIER | - |
| dc.relation.isPartOf | COMPUTER COMMUNICATIONS | - |
| dc.title | Towards enhanced threat modelling and analysis using a Markov Decision Process | - |
| dc.type | Article | - |
| dc.type.rims | ART | - |
| dc.description.journalClass | 1 | - |
| dc.identifier.wosid | 000877591800001 | - |
| dc.identifier.doi | 10.1016/j.comcom.2022.07.038 | - |
| dc.identifier.bibliographicCitation | COMPUTER COMMUNICATIONS, v.194, pp.282 - 291 | - |
| dc.description.isOpenAccess | N | - |
| dc.identifier.scopusid | 2-s2.0-85136714963 | - |
| dc.citation.endPage | 291 | - |
| dc.citation.startPage | 282 | - |
| dc.citation.title | COMPUTER COMMUNICATIONS | - |
| dc.citation.volume | 194 | - |
| dc.contributor.affiliatedAuthor | Moqurrab, Syed Atif | - |
| dc.type.docType | Article | - |
| dc.subject.keywordAuthor | Attack Trees | - |
| dc.subject.keywordAuthor | Formal methods | - |
| dc.subject.keywordAuthor | Markov Decision Process | - |
| dc.subject.keywordAuthor | Probabilistic model checking | - |
| dc.subject.keywordAuthor | Security analysis | - |
| dc.subject.keywordPlus | FAULT-TREE ANALYSIS | - |
| dc.subject.keywordPlus | CHECKING | - |
| dc.relation.journalResearchArea | Computer Science | - |
| dc.relation.journalResearchArea | Engineering | - |
| dc.relation.journalResearchArea | Telecommunications | - |
| dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
| dc.relation.journalWebOfScienceCategory | Engineering, Electrical & Electronic | - |
| dc.relation.journalWebOfScienceCategory | Telecommunications | - |
| dc.description.journalRegisteredClass | scie | - |
| dc.description.journalRegisteredClass | scopus | - |
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - ETC > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
Related Researcher
- Moqurrab, Syed Atif
- College of IT Convergence (Department of Software)