Social Engineering Exploits in Automotive Software Security: Modeling Human-targeted Attacks with SAM

↓ Direkt till sidans innehåll
↓ Direkt till sidans sekundära innehåll (sidomenyn)

Search: onr:"swepub:oai:DiVA.org:mdh-62428" > Social Engineering ...

1 of 1
Previous record
Next record
To hitlist

Details
MARC

Bergler, MatthiasTechnische Hochschule Nürnberg, Germany,DPAC (author)

Social Engineering Exploits in Automotive Software Security: Modeling Human-targeted Attacks with SAM

Article/chapterEnglish2021

Publisher, publication year, extent ...

Singapore :Research Publishing Services,2021
electronicrdacarrier

Numbers

LIBRIS-ID:oai:DiVA.org:mdh-62428
https://urn.kb.se/resolve?urn=urn:nbn:se:mdh:diva-62428URI

Supplementary language notes

Language:English
Summary in:English

Part of subdatabase

SwePubSwePub

Classification

Subject category:ref swepub-contenttype
Subject category:kon swepub-publicationtype

Notes

Security cannot be implemented into a system retrospectively without considerable effort, so security must be takeninto consideration already at the beginning of the system development. The engineering of automotive softwareis by no means an exception to this rule. For addressing automotive security, the AUTOSAR and EAST-ADLstandards for domain-specific system and component modeling provide the central foundation as a start. The EASTADLextension SAM enables fully integrated security modeling for traditional feature-targeted attacks. Due to theCOVID-19 pandemic, the number of cyber-attacks has increased tremendously and of these, about 98 percent arebased on social engineering attacks. These social engineering attacks exploit vulnerabilities in human behaviors,rather than vulnerabilities in a system, to inflict damage. And these social engineering attacks also play a relevantbut nonetheless regularly neglected role for automotive software. The contribution of this paper is a novel modelingconcept for social engineering attacks and their criticality assessment integrated into a general automotive softwaresecurity modeling approach. This makes it possible to relate social engineering exploits with feature-related attacks.To elevate the practical usage, we implemented an integration of this concept into the established, domain-specificmodeling tool MetaEdit+. The tool support enables collaboration between stakeholders, calculates vulnerabilityscores, and enables the specification of security objectives and measures to eliminate vulnerabilities.

Subject headings and genre

Added entries (persons, corporate bodies, meetings, titles ...)

Tavakoli Kolagari, RaminMälardalens universitet,Inbyggda system,Technische Hochschule Nürnberg, Germany,DPAC (author)
Tolvanen, Juha-PekkaMetaCase (author)
Zoppelt, MarkusFriedrich Alexander Universität Erlangen, Germany (author)
Technische Hochschule Nürnberg, GermanyDPAC (creator_code:org_t)

Related titles

In:Proceedings of the 31th European Safety and Reliability ConferenceSingapore : Research Publishing Services

Internet link

To the university's database

1 of 1
Previous record
Next record
To hitlist

Find more in SwePub

By the author/editor: Bergler, Matthia ...; Tavakoli Kolagar ...; Tolvanen, Juha-P ...; Zoppelt, Markus

About the subject

NATURAL SCIENCES: NATURAL SCIENCES; and Computer and Inf ...; and Software Enginee ...

Articles in the publication: Proceedings of t ...

By the university: Mälardalen University

Search outside SwePub

Extend your search to:: Google; Google Book Search; Google Scholar

Kungliga biblioteket hanterar dina personuppgifter i enlighet med EU:s dataskyddsförordning (2018), GDPR. Läs mer om hur det funkar här.
Så här hanterar KB dina uppgifter vid användning av denna tjänst.

LIBRIS.kb.se