Abstract
This paper presents and discusses the current state of Graphical Security Models (GrSM), in terms of four GrSM phases: (i) generation, (ii) representation, (iii) evaluation, and (iv) modification. Although many studies focused on improving the usability, efficiency, and functionality of GrSMs (e.g., by using various model types and evaluation techniques), the networked system is evolving with many hosts and frequently changing topologies (e.g., Cloud, SDN, IoT etc.). To investigate the usability of GrSMs, this survey summarizes the characteristics of past research studies in terms of their development and computational complexity analysis, and specify their applications in terms of security metrics, availability of tools and their applicable domains. We also discuss the practical issues of modeling security, differences of GrSMs and their usability for future networks that are large and dynamic.
Original language | English (US) |
---|---|
Pages (from-to) | 1-16 |
Number of pages | 16 |
Journal | Computer Science Review |
Volume | 26 |
DOIs | |
State | Published - Nov 2017 |
Keywords
- Attack graphs
- Attack trees
- Security analysis
- Security metrics
- Security models
ASJC Scopus subject areas
- Theoretical Computer Science
- General Computer Science