APT RPG: Design of a Gamified Attacker/Defender Meta Model
Robert Luh, Marlies Temper, Simon Tjoa, Sebastian Schrittwieser
2018
Abstract
We present a meta model for comprehensive, time-enabled attacker/defender behavior ready for incorporation in a dynamic, imperfect information multi-player game that derives significant parts of its ruleset from established information security sources such as STIX, CAPEC, CVE/CWE and NIST SP800-53. Concrete attack patterns, vulnerabilities, and mitigating controls are mapped to their counterpart strategies and actions through practical, data-centric mechanisms. The gamified model furthermore considers and defines a wide range of actors, assets, and actions, thereby enabling a detailed assessment of cyber risks while giving analysts the opportunity to explore specific attack scenarios in the context of their own infrastructure.
DownloadPaper Citation
in Harvard Style
Luh R., Temper M., Tjoa S. and Schrittwieser S. (2018). APT RPG: Design of a Gamified Attacker/Defender Meta Model.In Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ForSE, ISBN 978-989-758-282-0, pages 526-537. DOI: 10.5220/0006717805260537
in Bibtex Style
@conference{forse18,
author={Robert Luh and Marlies Temper and Simon Tjoa and Sebastian Schrittwieser},
title={APT RPG: Design of a Gamified Attacker/Defender Meta Model},
booktitle={Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ForSE,},
year={2018},
pages={526-537},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006717805260537},
isbn={978-989-758-282-0},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ForSE,
TI - APT RPG: Design of a Gamified Attacker/Defender Meta Model
SN - 978-989-758-282-0
AU - Luh R.
AU - Temper M.
AU - Tjoa S.
AU - Schrittwieser S.
PY - 2018
SP - 526
EP - 537
DO - 10.5220/0006717805260537