Towards security evaluation based on evidence collection (Short paper)

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

Abstract

Information security evaluation of software-intensive systems typically relies heavily on the experience of the security professionals. Obviously, automated approaches are needed in this field. Unfortunately, there is no practical approach to carrying out security evaluation in a systematic way. We introduce a general-level holistic framework for security evaluation based on security behavior modeling and security evidence collection, and discuss its applicability to the design of security evaluation experimentation set-ups in real-world systems.
Original languageEnglish
Title of host publicationProceedings of the 3rd International Conference on Fuzzy Systems and Knowledge Discovery, FSKD 2006
Place of PublicationBerlin
PublisherSpringer
Pages1178-1181
ISBN (Print)3-540-45916-2
DOIs
Publication statusPublished - 2006
MoE publication typeA4 Article in a conference publication
Event3rd International Conference on Fuzzy Systems and Knowledge Discovery, FSKD 2006 - Xi'an, China
Duration: 24 Sep 200628 Sep 2006

Publication series

SeriesLecture Notes in Computer Science
Number4223
ISSN0302-9743

Conference

Conference3rd International Conference on Fuzzy Systems and Knowledge Discovery, FSKD 2006
Abbreviated titleFSKD 2006
CountryChina
CityXi'an
Period24/09/0628/09/06

    Fingerprint

Keywords

  • information security
  • software
  • security
  • security evaluation

Cite this

Savola, R. (2006). Towards security evaluation based on evidence collection (Short paper). In Proceedings of the 3rd International Conference on Fuzzy Systems and Knowledge Discovery, FSKD 2006 (pp. 1178-1181). Springer. Lecture Notes in Computer Science, No. 4223 https://doi.org/10.1007/11881599_146