APT RPG: Design of a Gamified Attacker/Defender Meta Model

Robert Luh, Marlies Temper, Simon Tjoa, Sebastian Schrittwieser

Abstract

We present a meta model for comprehensive, time-enabled attacker/defender behavior ready for incorporation in a dynamic, imperfect information multi-player game that derives significant parts of its ruleset from established information security sources such as STIX, CAPEC, CVE/CWE and NIST SP800-53. Concrete attack patterns, vulnerabilities, and mitigating controls are mapped to their counterpart strategies and actions through practical, data-centric mechanisms. The gamified model furthermore considers and defines a wide range of actors, assets, and actions, thereby enabling a detailed assessment of cyber risks while giving analysts the opportunity to explore specific attack scenarios in the context of their own infrastructure.

References

Download


Paper Citation


in Harvard Style

Luh R., Temper M., Tjoa S. and Schrittwieser S. (2018). APT RPG: Design of a Gamified Attacker/Defender Meta Model.In Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ForSE, ISBN 978-989-758-282-0, pages 526-537. DOI: 10.5220/0006717805260537


in Bibtex Style

@conference{forse18,
author={Robert Luh and Marlies Temper and Simon Tjoa and Sebastian Schrittwieser},
title={APT RPG: Design of a Gamified Attacker/Defender Meta Model},
booktitle={Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ForSE,},
year={2018},
pages={526-537},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006717805260537},
isbn={978-989-758-282-0},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ForSE,
TI - APT RPG: Design of a Gamified Attacker/Defender Meta Model
SN - 978-989-758-282-0
AU - Luh R.
AU - Temper M.
AU - Tjoa S.
AU - Schrittwieser S.
PY - 2018
SP - 526
EP - 537
DO - 10.5220/0006717805260537