E-book, English, 255 pages
Blackwell / Zhu Cyberpatterns
2014
ISBN: 978-3-319-04447-7
Publisher: Springer International Publishing
Format: PDF
Copy protection: 1 - PDF Watermark
Unifying Design Patterns with Security and Attack Patterns
Cyberspace is increasingly important to people in their everyday lives, from purchasing goods on the Internet to energy supply that is increasingly managed remotely using Internet protocols. Unfortunately, this dependence makes us susceptible to attacks from nation states, terrorists, criminals and hacktivists. Therefore, we need a better understanding of cyberspace, for which patterns, which are predictable regularities, may help to detect, understand and respond to incidents better. The inspiration for the workshop came from the existing work on formalising design patterns applied to cybersecurity, but we also need to understand the many other types of patterns that arise in cyberspace.
Further Information & Material
1;Contents;5
2;Contributors;8
3;Part I Introduction;11
4;1 Cyberpatterns: Towards a Pattern Oriented Study of Cyberspace;12
4.1;1 Motivation;12
4.2;2 The Notion of Pattern;14
4.3;3 Pattern-Oriented Research Methodology;15
4.3.1;3.1 Software Design Patterns: An Example of Applying the Pattern-Oriented Research Method;15
4.3.2;3.2 Advantages and Benefits;19
4.4;4 Patterns in Cyberspace;19
4.4.1;4.1 What are Patterns in Cyberspace?;19
4.4.2;4.2 How do Cyberpatterns Interrelate and Interact with Each Other?;21
4.5;5 Conclusion;22
4.6;References;22
5;2 Towards a Conceptual Framework for Security Patterns;25
5.1;1 Introduction and Rationale;26
5.2;2 Pattern Classification;26
5.2.1;2.1 Zachman Framework;26
5.2.2;2.2 Modelling Security Patterns;27
5.3;3 History and Classification of Security Patterns;29
5.3.1;3.1 Basic Pattern Catalogues;29
5.3.2;3.2 Multi-Dimensional Classification Schemes;31
5.4;4 More Pattern Types and Related Concepts;36
5.4.1;4.1 Security Tactics and Specialisation;36
5.4.2;4.2 Transformational Patterns;37
5.5;5 Pattern Organisation;37
5.5.1;5.1 Pattern Templates;37
5.5.2;5.2 Pattern Spaces and Diagrams;38
5.6;6 Conclusions and Further Work;39
5.7;References;41
6;Part II Pattern Representation;43
7;3 Design Patterns: Applications and Open Issues;45
7.1;1 Introduction;45
7.2;2 Specialised Design Patterns;47
7.3;3 Design Patterns in Model-Driven Development;48
7.4;4 Design Pattern Formalisation and Verification;48
7.4.1;4.1 Pattern Verification;52
7.5;5 Conclusions;52
7.6;References;53
8;4 Challenges for a Formal Framework for Patterns;54
8.1;1 Introduction;54
8.2;2 Design Patterns;55
8.2.1;2.1 Design Patterns as Solutions;55
8.2.2;2.2 Further Benefits of Formality;56
8.2.3;2.3 The Intent of Design Patterns;56
8.3;3 Design Versus Attack and Security Patterns;57
8.3.1;3.1 Design Patterns;57
8.3.2;3.2 Security Patterns;58
8.3.3;3.3 Attack Patterns;59
8.4;4 Commonalities Between Patterns;59
8.4.1;4.1 Formalisation of Design Patterns;60
8.4.2;4.2 Potential Benefits of Formalisation;60
8.4.3;4.3 Barriers to Successful Formalisation;61
8.5;5 Conclusion;61
8.6;References;62
9;5 Towards a General Theory of Patterns;63
9.1;1 Introduction;63
9.2;2 Related Works;64
9.2.1;2.1 OO Design Patterns;64
9.2.2;2.2 Design Space;65
9.2.3;2.3 Meta-Modelling;66
9.3;3 The Proposed Approach;67
9.3.1;3.1 Overview;67
9.3.2;3.2 Definition of Design Spaces;68
9.3.3;3.3 Specification of Patterns;69
9.4;4 Application to Security Design Patterns;70
9.4.1;4.1 The Design Space of Security Systems;70
9.4.2;4.2 Security System Design Patterns;71
9.5;5 Conclusion;74
9.6;References;75
10;Part III Introduction to Security Patterns;76
11;6 Extending AOP Principles for the Description of Network Security Patterns;78
11.1;1 Introduction;78
11.2;2 Related Work;79
11.3;3 AOP Security Challenges;81
11.3.1;3.1 Secure Data Forwarding;81
11.3.2;3.2 End-to-End Security;82
11.3.3;3.3 Separation of Duty;83
11.4;4 Requirements;83
11.5;5 Point-cut Definition Language;84
11.6;6 Application;87
11.7;7 Conclusion;88
11.8;References;89
12;7 Management Patterns for Network Resilience: Design and Verification of Policy Configurations;90
12.1;1 Introduction;90
12.2;2 Background and Related Work;91
12.3;3 Reusable Patterns for Resilience Strategies;92
12.3.1;3.1 Pattern Specification;92
12.3.2;3.2 Example Scenario: High-Volume Traffic Challenge;93
12.4;4 Research Issues;95
12.4.1;4.1 Attack- and Challenge-Specific Management Patterns;95
12.4.2;4.2 Conflict Analysis and Resolution;96
12.4.3;4.3 Pattern and Policy Refinement;97
12.5;5 Concluding Remarks;99
12.6;References;99
13;8 A Heuristic Approach for Secure Service Composition Adaptation;101
13.1;1 Introduction;102
13.2;2 Service Composition and Verification;102
13.2.1;2.1 Service Composition;102
13.2.2;2.2 Composition Verification Techniques;104
13.3;3 Heuristics-Based Composition Adaptation;105
13.4;4 Service Quantification;106
13.5;5 Future Work and Conclusions;108
13.6;References;108
14;Part IV Introduction to Attack Patterns;110
15;9 A Strategy for Structuring and Formalising Attack Patterns;113
15.1;1 Introduction;113
15.2;2 Attack Patterns;117
15.3;3 Modelling Attack Patterns;118
15.3.1;3.1 Informal Modelling Advantages;118
15.3.2;3.2 Strategy for Formalisation;120
15.3.3;3.3 Formalisation;121
15.4;4 Conclusions and Further Work;123
15.5;References;124
16;10 Attack Pattern Recognition Through Correlating Cyber Situational Awareness in Computer Networks;126
16.1;1 Introduction;126
16.2;2 Background and Related Work;128
16.3;3 Model;130
16.4;4 Approach;131
16.5;5 Attack Example;133
16.6;6 Conclusion;134
16.7;References;134
17;11 Towards a Penetration Testing Framework Using Attack Patterns;136
17.1;1 Introduction;136
17.2;2 Attack Patterns;137
17.3;3 Critique of Penetration Testing;138
17.4;4 Testing Fundamentals;139
17.4.1;4.1 Black Box Testing;139
17.4.2;4.2 White Box Testing;139
17.4.3;4.3 50 Shades of Grey;140
17.4.4;4.4 Security Testing;141
17.5;5 Proposed Penetration Testing Framework;141
17.5.1;5.1 Introduction and Rationale;141
17.5.2;5.2 Existing Standards;142
17.5.3;5.3 Threat Modelling;143
17.5.4;5.4 Benefits of Attack Patterns;145
17.5.5;5.5 Organisational Considerations;146
17.6;6 Conclusions and Further Work;147
17.7;References;148
18;12 A Method for Resolving Security Vulnerabilities Through the Use of Design Patterns;150
18.1;1 Introduction;150
18.2;2 Summary of Work;151
18.2.1;2.1 Taxonomy;151
18.2.2;2.2 Methodology;155
18.3;References;156
19;13 'Weird Machine' Patterns;157
19.1;1 Introduction;157
19.2;2 A Tale of Two Engineering Workflows;159
19.2.1;2.1 The Software Engineer;160
19.2.2;2.2 The Exploit Engineer;161
19.2.3;2.3 A Simple Example of Exploit Programming;162
19.3;3 Patterns;163
19.3.1;3.1 Exploitation as Programming "Weird Machines";163
19.3.2;3.2 Recovering Context, Symbols, and Structure;164
19.3.3;3.3 Preparing Vulnerable System State;165
19.3.4;3.4 Piercing Abstraction;165
19.3.5;3.5 Balancing Context Constraints;166
19.3.6;3.6 Bit Path Tracing of Cross-Layer Flows;166
19.3.7;3.7 Trap-Based Programming and Composition;168
19.4;4 Conclusion;169
19.5;References;170
20;Part V Socio-technical Aspects of Patterns;172
21;14 Towards a Simulation of Information Security Behaviour in Organisations;175
21.1;1 Introduction;175
21.2;2 Background;176
21.3;3 Crime Scripts;179
21.4;4 Script Clashes;180
21.5;5 Conclusion and Future Work;181
21.6;References;181
22;15 Security Design Patterns in the MASTER Workbench;183
22.1;1 Introduction;183
22.2;2 Usage Scenario;184
22.3;3 Security Patterns;185
22.4;4 Protection and Regulatory Models;187
22.5;5 PRM Tool;189
22.6;6 An Example;191
22.7;7 Conclusions and Future Directions;193
22.8;References;195
23;16 Evaluating the Implications of Attack and Security Patterns with Premortems;196
23.1;1 Contextualising Patterns for Security Design;196
23.2;2 Patterns as an Exploratory Tool;197
23.3;3 Approach;198
23.3.1;3.1 Combine Security and Attack Patterns;198
23.3.2;3.2 Project Risk Implications;199
23.3.3;3.3 Author Premortem and Solicit Premortem Responses;199
23.3.4;3.4 Analyse Premortem Reasons;199
23.4;4 Example;200
23.4.1;4.1 Combine Security and Attack Patterns;200
23.4.2;4.2 Project Risk Implications;200
23.4.3;4.3 Author Premortem and Solicit Premortem Responses;202
23.4.4;4.4 Analyse Premortem Reasons;202
23.5;5 Implications;203
23.5.1;5.1 Analysing Incomplete Risk Models;204
23.5.2;5.2 Measuring Quality Concerns;204
23.5.3;5.3 Engagement with Hard to Reach Groups;204
23.5.4;5.4 Promoting Open Innovation;205
23.6;6 Conclusion;205
23.7;References;205
24;Part VI Pattern Recognition;207
25;17 An Overview of Artificial Intelligence Based Pattern Matching in a Security and Digital Forensic Context;210
25.1;1 Introduction;210
25.2;2 Artificial Intelligence;211
25.2.1;2.1 Knowledge Representation;211
25.2.2;2.2 Pattern Recognition Techniques;212
25.2.3;2.3 Exploratory Data Analysis;215
25.2.4;2.4 Knowledge Refinement;216
25.3;3 Conclusion;216
25.4;References;217
26;18 Partitional Clustering of Malware Using K-Means;218
26.1;1 Introduction;218
26.2;2 Background and Related Work;220
26.3;3 Method;223
26.4;4 Experiments;224
26.5;5 Conclusion;225
26.6;References;226
27;19 Dynamic Monitoring of Composed Services;229
27.1;1 Introduction;229
27.2;2 Related Work;231
27.3;3 Event Model;232
27.4;4 The Monitoring Framework;234
27.5;5 Conclusion and Future Work;238
27.6;References;239
28;20 Where has this Hard Disk Been?: Extracting Geospatial Intelligence from Digital Storage Systems;240
28.1;1 Introduction;240
28.2;2 Geocoding;242
28.3;3 Resolving Geospatial Data;242
28.4;4 Correlation;244
28.5;5 The Value of Geospatial Analysis;245
28.6;6 Conclusions;246
28.7;References;247
29;Part VII The Future;249
30;21 Future Directions for Research on Cyberpatterns;250
30.1;1 Representation Issues;251
30.1.1;1.1 Definition of the Semantics of Patterns;251
30.1.2;1.2 Uniformity of Pattern Representation for All Sub-domains;251
30.1.3;1.3 Integration of Different Pattern Representations;252
30.2;2 Engineering Issues;252
30.2.1;2.1 Validation, Verification and Testing Patterns;252
30.2.2;2.2 Pattern-Oriented Knowledge Bases;252
30.2.3;2.3 Mechanisms for Pattern Interactions;253
30.2.4;2.4 Mechanisms for Efficient Application of Patterns;253
30.2.5;2.5 Mechanisms for the Automatic Acquisition of Patterns;254
30.3;3 Conclusions;255
30.4;References;255




