A post-mortem incident modeling method
Linköpings universitet, Tekniska högskolan. Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik.
Linköpings universitet, Institutionen för datavetenskap, Databas och informationsteknik. Linköpings universitet, Tekniska högskolan.
2009 (English). In: 2009 International Conference on Availability, Reliability and Security (ARES), Vol. 1-2, IEEE, 2009, pp. 1018-1023. Conference paper, published paper (refereed)
Abstract [en]

Incident post-mortem analysis after recovery from incidents is recommended by most incident response experts. An analysis of why and how an incident happened is crucial for determining appropriate countermeasures to prevent the recurrence of the incident. Currently, there is a lack of structured methods for such an analysis, which would identify the causes of a security incident. In this paper, we present a structured method to perform the post-mortem analysis and to model the causes of an incident visually in a graph structure. This method is an extension of our earlier work on modeling software vulnerabilities. The goal of modeling incidents is to develop an understanding of what could have caused the security incident and how its recurrence can be prevented in the future. The method presented in this paper is intended to be used during the post-mortem analysis of incidents by incident response teams.

Place, publisher, year, edition, pages
IEEE, 2009. pp. 1018-1023
Keywords [en]
Incident response, incident cause graph, incident modeling, post-mortem analysis
National subject category
Computer science
Identifiers
URN: urn:nbn:se:liu:diva-43575
DOI: 10.1109/ARES.2009.108
ISI: 000270612000157
Local ID: 74252
ISBN: 978-1-4244-3572-2 (print)
ISBN: e-978-0-7695-3564-7
OAI: oai:DiVA.org:liu-43575
DiVA, id: diva2:264435
Conference
4th International Conference on Availability, Reliability and Security (ARES 2009), 16-19 March 2009, Fukuoka, Japan
Available from: 2009-10-10 Created: 2009-10-10 Last updated: 2018-01-12

Open Access in DiVA

No full text in DiVA

Authors

Ardi, Shanai; Shahmehri, Nahid
