Towards Automatic Risk Analysis and Mitigation of Software Applications

REGANO, LEONARDO;
2016-01-01

Abstract

This paper proposes a novel semi-automatic risk analysis approach that not only identifies the threats against the assets in a software application, but it is also able to quantify their risks and to suggests the software protections to mitigate them. Built on a formal model of the software, attacks, protections and their relationships, our implementation has shown promising performance on real world applications. This work represents a first step towards a user-friendly expert system for the protection of software applications.
2016
Inglese
Information Security Theory and Practice
978-3-319-45930-1
Springer
120
135
16
WOS:000387956800008
2-s2.0-84990066671
WISTP 2016 - IFIP International Conference on Information Security Throey and Practice
Contributo
Esperti anonimi
September 26–27, 2016
Heraklion, Crete (Greece)
internazionale
scientifica
Software protection
Software risk analysis
Software attacks
no
4 Contributo in Atti di Convegno (Proceeding)::4.1 Contributo in Atti di convegno
Regano, Leonardo; Canavese, Daniele; Basile, Cataldo; Viticchie', Alessio; Lioy, Antonio
273
5
4.1 Contributo in Atti di convegno
none
info:eu-repo/semantics/conferencePaper
Files in This Item:
There are no files associated with this item.

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.

Questionnaire and social

Share on:
Impostazioni cookie