Feasibility of Attacks: What is Possible in the Real World - A Framework for Threat Modeling

摘要

In this paper we present a new method to assess risks of attacks faced by a network. Our methodology approaches these risks from the perspective of an attacker in order to bridge the gap created by traditional security schemes which approach from the defender's perspective. These dual perspectives of risk analysis can lead to more effective solutions to security. We describe the various parameters that affect an attack in the real world and use these parameters to analyze the risks of an attack. We also create a model for formally analyzing the risk of an attack using the above parameters. We finally use a case study of jamming attacks on the MAC Layer of the OSI Stack as an illustration and assess the risks for different MAC protocols.