Home // ICSEA 2022, The Seventeenth International Conference on Software Engineering Advances // View article

Interactive Visualization Dashboard for Common Attack Pattern Enumeration Classification

Authors:
Mounika Vanamala
Walter Smith
Xiaohong Yuan
Joi Bennett

Keywords: Attack patternss; Common Attack Pattern Enumeration and Classification (CAPEC); visualization, Network graph, tree map

Abstract:
Attack patterns represent computer attackers’ tools, methodologies, and perspective. The Common Attack Pattern Enumeration Classification (CAPEC) provides information about attack patterns which include descriptive textual fields, relationships between different attack patterns, execution flow, mitigations and related Common Weaknesses Enumeration (CWE) weakness and external Mapping. This paper describes an interactive visualization dashboard we developed for displaying the hierarchically structured CAPEC information. The dashboard includes a tree map and a network graph. The tree map visualization displays the hierarchy of CAPEC in a rectangular region in a space-filling manner. The network graph displays the parent child-taxonomy from the CAPEC using nodes and links between nodes. The visualization dashboard displays the external mapping of CAPEC to CWE, Adversarial tactics, techniques, and common knowledge (ATT&CK), The Open Web Application Security Project (OWASP) and Web Application Security Consortium (WASC) taxonomy. This visualization tool improves usability and provides a range of new capabilities for understanding and interacting with the rich content and relationships in CAPEC.

Pages: 69 to 74

Copyright: Copyright (c) IARIA, 2022

Publication date: October 16, 2022

Published in: conference

ISSN: 2308-4235

ISBN: 978-1-61208-997-3

Location: Lisbon, Portugal

Dates: from October 16, 2022 to October 20, 2022