Producing and Evaluating Crowdsourced Computer Security Attack Trees
We describe the recent developments of an open-source project called RATCHET that can be used by groups of users to collectively construct attack trees. We present the RATCHET framework as well as a model for testing and evaluation of the produced attack trees. RATCHET has been tested in classroom settings with positive results and this paper presents the plans for expanding its outreach to the community at large and building attack trees through crowdsourcing. This paper gives an overview of RATCHET and an introduction to its use.
D. S. Bogaard et al., "Producing and Evaluating Crowdsourced Computer Security Attack Trees," Proceedings of the IEEE Symposium on Technologies for Homeland Security (HST) (2016, Waltham, MA), Institute of Electrical and Electronics Engineers (IEEE), May 2016.
The definitive version is available at https://doi.org/10.1109/THS.2016.7568951
IEEE Symposium on Technologies for Homeland Security, HST 2016 (2016: May 10-11, Waltham, MA)
Keywords and Phrases
Crowdsourcing; National security; Security of data; Security systems; Attack tree; Classroom settings; evaluation; Open source projects; security; Security attacks; Testing and evaluation; Forestry
International Standard Book Number (ISBN)
Article - Conference proceedings
© 2016 Institute of Electrical and Electronics Engineers Inc., All rights reserved.