학술논문
Attack simulation based software protection assessment method
Document Type
Conference
Author
Source
2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security) Cyber Security And Protection Of Digital Services (Cyber Security), 2016 International Conference On. :1-8 Jun, 2016
Subject
Language
Abstract
Software protection is an essential aspect of information security to withstand malicious activities on software, and preserving software assets. However, software developers still lacks a methodology for the assessment of the deployed protections. To solve these issues, we present a novel attack simulation based software protection assessment method to assess and compare various protection solutions. Our solution relies on Petri Nets to specify and visualize attack models, and we developed a Monte Carlo based approach to simulate attacking processes and to deal with uncertainty. Then, based on this simulation and estimation, a novel protection comparison model is proposed to compare different protection solutions. Lastly, our attack simulation based software protection assessment method is presented. We illustrate our method by means of a software protection assessment process to demonstrate that our approach can provide a suitable software protection assessment for developers and software companies.