TY - JOUR
T1 - A survey on the usability and practical applications of Graphical Security Models
AU - Hong, Jin B.
AU - Kim, Dong Seong
AU - Chung, Chun Jen
AU - Huang, Dijiang
N1 - Funding Information:
This research was partially supported by the NATO Science for Peace & Security Multi-Year Project ( MD.SFPP 984425 ), NSF SaTC CNS 1528099 research grant, and by Grant NPRP 8-531-1-111 from Qatar National Research Fund (QNRF) . The statements made herein are solely the responsibility of the authors.
Funding Information:
This research was partially supported by the NATO Science for Peace & Security Multi-Year Project (MD.SFPP 984425), NSF SaTC CNS1528099 research grant, and by Grant NPRP 8-531-1-111 from Qatar National Research Fund (QNRF). The statements made herein are solely the responsibility of the authors.
Publisher Copyright:
© 2017 Elsevier Inc.
Copyright:
Copyright 2017 Elsevier B.V., All rights reserved.
PY - 2017/11
Y1 - 2017/11
N2 - This paper presents and discusses the current state of Graphical Security Models (GrSM), in terms of four GrSM phases: (i) generation, (ii) representation, (iii) evaluation, and (iv) modification. Although many studies focused on improving the usability, efficiency, and functionality of GrSMs (e.g., by using various model types and evaluation techniques), the networked system is evolving with many hosts and frequently changing topologies (e.g., Cloud, SDN, IoT etc.). To investigate the usability of GrSMs, this survey summarizes the characteristics of past research studies in terms of their development and computational complexity analysis, and specify their applications in terms of security metrics, availability of tools and their applicable domains. We also discuss the practical issues of modeling security, differences of GrSMs and their usability for future networks that are large and dynamic.
AB - This paper presents and discusses the current state of Graphical Security Models (GrSM), in terms of four GrSM phases: (i) generation, (ii) representation, (iii) evaluation, and (iv) modification. Although many studies focused on improving the usability, efficiency, and functionality of GrSMs (e.g., by using various model types and evaluation techniques), the networked system is evolving with many hosts and frequently changing topologies (e.g., Cloud, SDN, IoT etc.). To investigate the usability of GrSMs, this survey summarizes the characteristics of past research studies in terms of their development and computational complexity analysis, and specify their applications in terms of security metrics, availability of tools and their applicable domains. We also discuss the practical issues of modeling security, differences of GrSMs and their usability for future networks that are large and dynamic.
KW - Attack graphs
KW - Attack trees
KW - Security analysis
KW - Security metrics
KW - Security models
UR - http://www.scopus.com/inward/record.url?scp=85036477563&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85036477563&partnerID=8YFLogxK
U2 - 10.1016/j.cosrev.2017.09.001
DO - 10.1016/j.cosrev.2017.09.001
M3 - Review article
AN - SCOPUS:85036477563
VL - 26
SP - 1
EP - 16
JO - Computer Science Review
JF - Computer Science Review
SN - 1574-0137
ER -