A survey on the usability and practical applications of Graphical Security Models

Jin B. Hong; Dong Seong Kim; Chun Jen Chung; Dijiang Huang

doi:10.1016/j.cosrev.2017.09.001

A survey on the usability and practical applications of Graphical Security Models

Jin B. Hong, Dong Seong Kim, Chun Jen Chung, Dijiang Huang

Research output: Contribution to journal › Review article › peer-review

56 Scopus citations

Abstract

This paper presents and discusses the current state of Graphical Security Models (GrSM), in terms of four GrSM phases: (i) generation, (ii) representation, (iii) evaluation, and (iv) modification. Although many studies focused on improving the usability, efficiency, and functionality of GrSMs (e.g., by using various model types and evaluation techniques), the networked system is evolving with many hosts and frequently changing topologies (e.g., Cloud, SDN, IoT etc.). To investigate the usability of GrSMs, this survey summarizes the characteristics of past research studies in terms of their development and computational complexity analysis, and specify their applications in terms of security metrics, availability of tools and their applicable domains. We also discuss the practical issues of modeling security, differences of GrSMs and their usability for future networks that are large and dynamic.

Original language	English (US)
Pages (from-to)	1-16
Number of pages	16
Journal	Computer Science Review
Volume	26
DOIs	https://doi.org/10.1016/j.cosrev.2017.09.001
State	Published - Nov 2017

Keywords

Attack graphs
Attack trees
Security analysis
Security metrics
Security models

ASJC Scopus subject areas

Theoretical Computer Science
General Computer Science

Access to Document

10.1016/j.cosrev.2017.09.001

Cite this

@article{971034f999ad47a5b1b816abd35b4121,

title = "A survey on the usability and practical applications of Graphical Security Models",

abstract = "This paper presents and discusses the current state of Graphical Security Models (GrSM), in terms of four GrSM phases: (i) generation, (ii) representation, (iii) evaluation, and (iv) modification. Although many studies focused on improving the usability, efficiency, and functionality of GrSMs (e.g., by using various model types and evaluation techniques), the networked system is evolving with many hosts and frequently changing topologies (e.g., Cloud, SDN, IoT etc.). To investigate the usability of GrSMs, this survey summarizes the characteristics of past research studies in terms of their development and computational complexity analysis, and specify their applications in terms of security metrics, availability of tools and their applicable domains. We also discuss the practical issues of modeling security, differences of GrSMs and their usability for future networks that are large and dynamic.",

keywords = "Attack graphs, Attack trees, Security analysis, Security metrics, Security models",

author = "Hong, {Jin B.} and Kim, {Dong Seong} and Chung, {Chun Jen} and Dijiang Huang",

note = "Publisher Copyright: {\textcopyright} 2017 Elsevier Inc.",

year = "2017",

month = nov,

doi = "10.1016/j.cosrev.2017.09.001",

language = "English (US)",

volume = "26",

pages = "1--16",

journal = "Computer Science Review",

issn = "1574-0137",

publisher = "Elsevier Ireland Ltd",

}

TY - JOUR

T1 - A survey on the usability and practical applications of Graphical Security Models

AU - Hong, Jin B.

AU - Kim, Dong Seong

AU - Chung, Chun Jen

AU - Huang, Dijiang

PY - 2017/11

Y1 - 2017/11

N2 - This paper presents and discusses the current state of Graphical Security Models (GrSM), in terms of four GrSM phases: (i) generation, (ii) representation, (iii) evaluation, and (iv) modification. Although many studies focused on improving the usability, efficiency, and functionality of GrSMs (e.g., by using various model types and evaluation techniques), the networked system is evolving with many hosts and frequently changing topologies (e.g., Cloud, SDN, IoT etc.). To investigate the usability of GrSMs, this survey summarizes the characteristics of past research studies in terms of their development and computational complexity analysis, and specify their applications in terms of security metrics, availability of tools and their applicable domains. We also discuss the practical issues of modeling security, differences of GrSMs and their usability for future networks that are large and dynamic.

AB - This paper presents and discusses the current state of Graphical Security Models (GrSM), in terms of four GrSM phases: (i) generation, (ii) representation, (iii) evaluation, and (iv) modification. Although many studies focused on improving the usability, efficiency, and functionality of GrSMs (e.g., by using various model types and evaluation techniques), the networked system is evolving with many hosts and frequently changing topologies (e.g., Cloud, SDN, IoT etc.). To investigate the usability of GrSMs, this survey summarizes the characteristics of past research studies in terms of their development and computational complexity analysis, and specify their applications in terms of security metrics, availability of tools and their applicable domains. We also discuss the practical issues of modeling security, differences of GrSMs and their usability for future networks that are large and dynamic.

KW - Attack graphs

KW - Attack trees

KW - Security analysis

KW - Security metrics

KW - Security models

UR - http://www.scopus.com/inward/record.url?scp=85036477563&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85036477563&partnerID=8YFLogxK

U2 - 10.1016/j.cosrev.2017.09.001

DO - 10.1016/j.cosrev.2017.09.001

M3 - Review article

AN - SCOPUS:85036477563

SN - 1574-0137

VL - 26

SP - 1

EP - 16

JO - Computer Science Review

JF - Computer Science Review

ER -

A survey on the usability and practical applications of Graphical Security Models

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this