Title: Managing threats by the use of visualisation techniques

Authors: Valentina Viduto, Carsten Maple, Wei Huang

Addresses: Institute for Research in Applicable Computing (IRAC), University of Bedfordshire, Park Square, Luton LU1 3JU, UK. ' Institute for Research in Applicable Computing (IRAC), University of Bedfordshire, Park Square, Luton LU1 3JU, UK. ' Institute for Research in Applicable Computing (IRAC), University of Bedfordshire, Park Square, Luton LU1 3JU, UK

Abstract: Identification of threats in networked systems is one of the important risk management processes that should be followed in order to be aware of all risks. In general, risk assessment guidelines for threat analysis propose to use historical organisation|s data, thus, novel and unheard threats often are skipped from an analysis. In this paper, we propose a novel onion skin model (OSM) which consists of visualisation techniques, such as attack graphs, often applied for qualitative and quantitative risk assessment analyses. The model can be used to facilitate in threat identification and decision-making process by focusing on attack scenarios that illustrate vulnerable nodes, threats and shortest attack paths to the attacker|s goal. The model can be used as part of risk management practices to improve security awareness through different attack scenarios and manage all system risks.

Keywords: onion skin model; OSM; visualisation techniques; risk management; attack graphs; attack trees; network hardening; network threats; risk assessment; network attacks; threat identification; decision making; vulnerable nodes; vulnerability; network security; attack scenarios.

DOI: 10.1504/IJSSC.2011.040347

International Journal of Space-Based and Situated Computing, 2011 Vol.1 No.2/3, pp.204 - 212

Received: 29 Dec 2010
Accepted: 15 Feb 2011

Published online: 26 Mar 2015 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article