Title: Managing threats by the use of visualisation techniques
Authors: Valentina Viduto, Carsten Maple, Wei Huang
Addresses: Institute for Research in Applicable Computing (IRAC), University of Bedfordshire, Park Square, Luton LU1 3JU, UK. ' Institute for Research in Applicable Computing (IRAC), University of Bedfordshire, Park Square, Luton LU1 3JU, UK. ' Institute for Research in Applicable Computing (IRAC), University of Bedfordshire, Park Square, Luton LU1 3JU, UK
Abstract: Identification of threats in networked systems is one of the important risk management processes that should be followed in order to be aware of all risks. In general, risk assessment guidelines for threat analysis propose to use historical organisation|s data, thus, novel and unheard threats often are skipped from an analysis. In this paper, we propose a novel onion skin model (OSM) which consists of visualisation techniques, such as attack graphs, often applied for qualitative and quantitative risk assessment analyses. The model can be used to facilitate in threat identification and decision-making process by focusing on attack scenarios that illustrate vulnerable nodes, threats and shortest attack paths to the attacker|s goal. The model can be used as part of risk management practices to improve security awareness through different attack scenarios and manage all system risks.
Keywords: onion skin model; OSM; visualisation techniques; risk management; attack graphs; attack trees; network hardening; network threats; risk assessment; network attacks; threat identification; decision making; vulnerable nodes; vulnerability; network security; attack scenarios.
DOI: 10.1504/IJSSC.2011.040347
International Journal of Space-Based and Situated Computing, 2011 Vol.1 No.2/3, pp.204 - 212
Received: 29 Dec 2010
Accepted: 15 Feb 2011
Published online: 26 Mar 2015 *