Modeling Vulnerabilities: from Buffer Overflows to Insider Threat
Sophie Engle
This proposal explores how to model all types of vulnerabilities, from traditional vulnerabilities such as buffer overflows to vulnerabilities involving covert channels, social engineering, and insider threat. To achieve this, we look at expanding the Unifying Policy Hierarchy (Carlson 2006) to other areas of security. With a unified formal model that captures these aspects, we can perform more comprehensive threat analysis for a system in a non-ad-hoc manner.