The Use of Attack and Protection Trees to Analyze Security for an Online Banking System

Kenneth Edge; Rusty Baldwin; Robert Bennington; Richard Raines; Michael Grimaila; Christopher Reuter

doi:10.1109/HICSS.2007.558

H
HICSS
2007
40th Annual Hawaii International Conference on System Sciences (HICSS'07)
Abstract - The Use of Attack and Protection Trees to Analyze Security for an Online Banking System

	This Article
	PDF RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Kenneth Edge Articles by Richard Raines Articles by Michael Grimaila Articles by Rusty Baldwin Articles by Robert Bennington Articles by Christopher Reuter

40th Annual Hawaii International Conference on System Sciences (HICSS'07)

The Use of Attack and Protection Trees to Analyze Security for an Online Banking System (PDF)

Big Island, Hawaii

January 03-January 06

ISBN: 0-7695-2755-8

	ASCII Text	x
	Kenneth Edge, Richard Raines, Michael Grimaila, Rusty Baldwin, Robert Bennington, Christopher Reuter, "The Use of Attack and Protection Trees to Analyze Security for an Online Banking System," 2013 46th Hawaii International Conference on System Sciences, pp. 144b, 40th Annual Hawaii International Conference on System Sciences (HICSS'07), 2007.

	BibTex	x
	@article{ 10.1109/HICSS.2007.558, author = {Kenneth Edge and Richard Raines and Michael Grimaila and Rusty Baldwin and Robert Bennington and Christopher Reuter}, title = {The Use of Attack and Protection Trees to Analyze Security for an Online Banking System}, journal ={2013 46th Hawaii International Conference on System Sciences}, volume = {0}, year = {2007}, issn = {1530-1605}, pages = {144b}, doi = {http://doi.ieeecomputersociety.org/10.1109/HICSS.2007.558}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - 2013 46th Hawaii International Conference on System Sciences TI - The Use of Attack and Protection Trees to Analyze Security for an Online Banking System SN - 1530-1605 SP EP A1 - Kenneth Edge, A1 - Richard Raines, A1 - Michael Grimaila, A1 - Rusty Baldwin, A1 - Robert Bennington, A1 - Christopher Reuter, PY - 2007 KW - null VL - 0 JA - 2013 46th Hawaii International Conference on System Sciences ER -

Kenneth Edge, Air Force Institute of Technology, USA

Richard Raines, Air Force Institute of Technology, USA

Michael Grimaila, Air Force Institute of Technology, USA

Rusty Baldwin, Air Force Institute of Technology, USA

Robert Bennington, Air Force Research Laboratory, USA

Christopher Reuter, Air Force Research Laboratory, USA

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/HICSS.2007.558

Online banking has become increasingly important to the profitability of financial institutions as well as adding convenience for their customers. As the number of customers using online banking increases, online banking systems are becoming more desirable targets for criminals to attack. To maintain their customers? trust and confidence in the security of their online bank accounts, financial institutions must identify how attackers compromise accounts and develop methods to protect them. Attack trees and protection trees are a cost effective way to do this. Attack trees highlight the weaknesses in a system and protection trees provide a methodical means of mitigating these weaknesses. In this paper, a notional online banking system is analyzed and protection solutions are proposed for varying budgets.

Citation:

Kenneth Edge, Richard Raines, Michael Grimaila, Rusty Baldwin, Robert Bennington, Christopher Reuter, "The Use of Attack and Protection Trees to Analyze Security for an Online Banking System," hicss, pp.144b, 40th Annual Hawaii International Conference on System Sciences (HICSS'07), 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.