Modeling security attacks with statecharts

Omar A. El Ariss, Dianxiang Xu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Citations (Scopus)

Abstract

Software security is becoming a key quality concern as software applications are increasingly being used in untrustworthy computing environments such as the internet. Software is designed with the mindset of its functionalities and cost, where the focus is on the operational behavior while security concerns are neglected or marginally considered. As a result, software engineers build the software while lacking the knowledge about security and its effect on the system. This paper presents an approach for modeling the behavior of security threats using statecharts. The proposed approach introduces modular design for representing threats through the use of components and reusability. Through the focus on the behavior of an attack, software engineers can clearly define and understand security concerns as the application is being designed and developed. In addition, modeling security threats with statecharts makes it convenient to build a consistent semantic link between functional behaviors and security concerns.

Original languageEnglish (US)
Title of host publicationCompArch'11 - Proceedings of the 2011 Federated Events on Component-Based Software Engineering and Software Architecture - QoSA+ISARCS'11
Pages123-132
Number of pages10
DOIs
StatePublished - Jul 25 2011
Event7th Int. ACM SIGSOFT Conf. on the Quality of Software Archit., QoSA 2011 and the 2nd ACM SIGSOFT Int. Symp. on Archit. Critical Syst., ISARCS 2011, Part of the 2011 Federated Events on Component-Based Software Eng. and Software Archit., CompArch'11 - Boulder, CO, United States
Duration: Jun 20 2011Jun 24 2011

Other

Other7th Int. ACM SIGSOFT Conf. on the Quality of Software Archit., QoSA 2011 and the 2nd ACM SIGSOFT Int. Symp. on Archit. Critical Syst., ISARCS 2011, Part of the 2011 Federated Events on Component-Based Software Eng. and Software Archit., CompArch'11
CountryUnited States
CityBoulder, CO
Period6/20/116/24/11

Fingerprint

Engineers
Reusability
Application programs
Semantics
Internet
Costs

All Science Journal Classification (ASJC) codes

  • Hardware and Architecture
  • Software

Cite this

El Ariss, O. A., & Xu, D. (2011). Modeling security attacks with statecharts. In CompArch'11 - Proceedings of the 2011 Federated Events on Component-Based Software Engineering and Software Architecture - QoSA+ISARCS'11 (pp. 123-132) https://doi.org/10.1145/2000259.2000281
El Ariss, Omar A. ; Xu, Dianxiang. / Modeling security attacks with statecharts. CompArch'11 - Proceedings of the 2011 Federated Events on Component-Based Software Engineering and Software Architecture - QoSA+ISARCS'11. 2011. pp. 123-132
@inproceedings{54d216c323774e8c9a6ea415780ee0e8,
title = "Modeling security attacks with statecharts",
abstract = "Software security is becoming a key quality concern as software applications are increasingly being used in untrustworthy computing environments such as the internet. Software is designed with the mindset of its functionalities and cost, where the focus is on the operational behavior while security concerns are neglected or marginally considered. As a result, software engineers build the software while lacking the knowledge about security and its effect on the system. This paper presents an approach for modeling the behavior of security threats using statecharts. The proposed approach introduces modular design for representing threats through the use of components and reusability. Through the focus on the behavior of an attack, software engineers can clearly define and understand security concerns as the application is being designed and developed. In addition, modeling security threats with statecharts makes it convenient to build a consistent semantic link between functional behaviors and security concerns.",
author = "{El Ariss}, {Omar A.} and Dianxiang Xu",
year = "2011",
month = "7",
day = "25",
doi = "10.1145/2000259.2000281",
language = "English (US)",
isbn = "9781450307246",
pages = "123--132",
booktitle = "CompArch'11 - Proceedings of the 2011 Federated Events on Component-Based Software Engineering and Software Architecture - QoSA+ISARCS'11",

}

El Ariss, OA & Xu, D 2011, Modeling security attacks with statecharts. in CompArch'11 - Proceedings of the 2011 Federated Events on Component-Based Software Engineering and Software Architecture - QoSA+ISARCS'11. pp. 123-132, 7th Int. ACM SIGSOFT Conf. on the Quality of Software Archit., QoSA 2011 and the 2nd ACM SIGSOFT Int. Symp. on Archit. Critical Syst., ISARCS 2011, Part of the 2011 Federated Events on Component-Based Software Eng. and Software Archit., CompArch'11, Boulder, CO, United States, 6/20/11. https://doi.org/10.1145/2000259.2000281

Modeling security attacks with statecharts. / El Ariss, Omar A.; Xu, Dianxiang.

CompArch'11 - Proceedings of the 2011 Federated Events on Component-Based Software Engineering and Software Architecture - QoSA+ISARCS'11. 2011. p. 123-132.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Modeling security attacks with statecharts

AU - El Ariss, Omar A.

AU - Xu, Dianxiang

PY - 2011/7/25

Y1 - 2011/7/25

N2 - Software security is becoming a key quality concern as software applications are increasingly being used in untrustworthy computing environments such as the internet. Software is designed with the mindset of its functionalities and cost, where the focus is on the operational behavior while security concerns are neglected or marginally considered. As a result, software engineers build the software while lacking the knowledge about security and its effect on the system. This paper presents an approach for modeling the behavior of security threats using statecharts. The proposed approach introduces modular design for representing threats through the use of components and reusability. Through the focus on the behavior of an attack, software engineers can clearly define and understand security concerns as the application is being designed and developed. In addition, modeling security threats with statecharts makes it convenient to build a consistent semantic link between functional behaviors and security concerns.

AB - Software security is becoming a key quality concern as software applications are increasingly being used in untrustworthy computing environments such as the internet. Software is designed with the mindset of its functionalities and cost, where the focus is on the operational behavior while security concerns are neglected or marginally considered. As a result, software engineers build the software while lacking the knowledge about security and its effect on the system. This paper presents an approach for modeling the behavior of security threats using statecharts. The proposed approach introduces modular design for representing threats through the use of components and reusability. Through the focus on the behavior of an attack, software engineers can clearly define and understand security concerns as the application is being designed and developed. In addition, modeling security threats with statecharts makes it convenient to build a consistent semantic link between functional behaviors and security concerns.

UR - http://www.scopus.com/inward/record.url?scp=79960496487&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=79960496487&partnerID=8YFLogxK

U2 - 10.1145/2000259.2000281

DO - 10.1145/2000259.2000281

M3 - Conference contribution

AN - SCOPUS:79960496487

SN - 9781450307246

SP - 123

EP - 132

BT - CompArch'11 - Proceedings of the 2011 Federated Events on Component-Based Software Engineering and Software Architecture - QoSA+ISARCS'11

ER -

El Ariss OA, Xu D. Modeling security attacks with statecharts. In CompArch'11 - Proceedings of the 2011 Federated Events on Component-Based Software Engineering and Software Architecture - QoSA+ISARCS'11. 2011. p. 123-132 https://doi.org/10.1145/2000259.2000281