In this paper we identify requirements for choosing a threat modelling formalisation for modelling sophisticated malware such as Duqu 2.0. We discuss the gaps in current formalisations and propose the use of Attack Trees with Sequential Conjunction when it comes to analysing complex attacks. The paper models Duqu 2.0 based on the latest information sourced from formal and informal sources. This paper provides a well structured model which can be used for future analysis of Duqu 2.0 and related attacks.
2nd International Conference on Information Systems Security and Privacy (2016)
Duqu 2.0, Attack Trees with Sequential Conjunction, SAND, Malware Analysis, Threat Modelling
@conference{
author = "Peter Maynard and Kieran McLaughlin and Sakir Sezer",
title = "Modelling Duqu 2.0 Malware using Attack Trees with Sequential Conjunction",
journal = "2nd International Conference on Information Systems Security and Privacy",
year = "2016",
doi = "http://dx.doi.org/10.5220/0005745704650472"
}