Attack Surface Description Language

Supplemental Files
Date
2021-01-01
Authors
Nalluri, Dheepak
Major Professor
Thomas Daniels
Advisor
Committee Member
Journal Title
Journal ISSN
Volume Title
Publisher
Altmetrics
Authors
Research Projects
Organizational Units
Computer Science
Organizational Unit
Journal Issue
Series
Department
Computer Science
Abstract

Documenting and describing attack surfaces is a common tactic in parts of the industry for various reasons. Some for open design, and others for penetration testing. Either way, there is no standardized methods for documenting attack surfaces. This paper presents an Attack Surface Description Language (ASDL), a way to describe and present a device’s attack surfaces. These surfaces can be documented as known or unknown in a way that allows Blackbox testers to use ASDL as well. Complex structures can also be represented with dependencies on lower-level structures. Ease of use and flexibility was also taken into account in the design of ASDL to make it more efficient and less tedious to use.

Comments
Description
Keywords
Citation
DOI
Source