Exportar Publicação

A publicação pode ser exportada nos seguintes formatos: referência da APA (American Psychological Association), referência do IEEE (Institute of Electrical and Electronics Engineers), BibTeX e RIS.

Exportar Referência (APA)
Zhao, T., Lechner, U., Pinto-Albuquerque, M. & Ongu, D. (2023). An ontology-based model for evaluating cloud attack scenarios in CATS: A serious game in cloud security. In Vidmar, M. (Ed.), 2023 IEEE 29th International Conference on Engineering, Technology and Innovation (ICE/ITMC). Edinburgh: IEEE.
Exportar Referência (IEEE)
T. Zhao et al.,  "An ontology-based model for evaluating cloud attack scenarios in CATS: A serious game in cloud security", in 2023 IEEE 29th Int. Conf. on Engineering, Technology and Innovation (ICE/ITMC), Vidmar, M., Ed., Edinburgh, IEEE, 2023
Exportar BibTeX
@inproceedings{zhao2023_1732227141738,
	author = "Zhao, T. and Lechner, U. and Pinto-Albuquerque, M. and Ongu, D.",
	title = "An ontology-based model for evaluating cloud attack scenarios in CATS: A serious game in cloud security",
	booktitle = "2023 IEEE 29th International Conference on Engineering, Technology and Innovation (ICE/ITMC)",
	year = "2023",
	editor = "Vidmar, M.",
	volume = "",
	number = "",
	series = "",
	doi = "10.1109/ICE/ITMC58018.2023.10332371",
	publisher = "IEEE",
	address = "Edinburgh",
	organization = "",
	url = "https://ieeexplore.ieee.org/xpl/conhome/10332254/proceeding"
}
Exportar RIS
TY  - CPAPER
TI  - An ontology-based model for evaluating cloud attack scenarios in CATS: A serious game in cloud security
T2  - 2023 IEEE 29th International Conference on Engineering, Technology and Innovation (ICE/ITMC)
AU  - Zhao, T.
AU  - Lechner, U.
AU  - Pinto-Albuquerque, M.
AU  - Ongu, D.
PY  - 2023
SN  - 2334-315X
DO  - 10.1109/ICE/ITMC58018.2023.10332371
CY  - Edinburgh
UR  - https://ieeexplore.ieee.org/xpl/conhome/10332254/proceeding
AB  - In recent years, the market of cloud services has been growing rapidly. Consequently, cloud security has become a heavily discussed topic in the industry. If cloud assets are misconfigured, it can lead to severe security issues and be exposured to cybersecurity attacks. It is of great importance that industry practitioners understand the security challenges and their responsibilities to protect cloud assets. We designed a serious game: Cloud of Assets and Threats (CATS) as an enrichment to the traditional training method to empower users of the cloud infrastructure in terms of cloud security awareness. In this work, we propose a new ontology-based model to support the evaluation of the simulated attack scenarios in CATS. We share the implementation details and the algorithm, based on the Common Vulnerability Scoring System (CVSS), which is used in CATS to evaluate the simulated attack scenarios. With this innovative effort, we maximize the level to which the CATS game reflects real-world facts, and provide a reasonable level of abstraction in the serious game. Our work contributes to the body of knowledge by extending the existing ontology and applying it in the evaluator algorithm, which stands at the core of our serious game CATS. We apply CATS in training in the industry and discovered that CATS is a promising approach to help the industry practitioners to understand cloud security concepts and raise awareness about cloud security. Scholars in the academic world benefit from the work by gaining experience in instantiating the design science paradigm.
ER  -