Modelling attack-defense trees using timed automata
| Autor: | Gadyatskaya, Olga, Hansen, René Rydhof, Larsen, Kim Guldstrand, Legay, Axel, Olesen, Mads Chr., Poulsen, Danny Bøgsted, Fränzle, Martin, Markey, Nicolas |
|---|---|
| Přispěvatelé: | University of Luxembourg [Luxembourg], University of Trento [Trento], Department of Computer Science [Copenhagen] (DIKU), Faculty of Science [Copenhagen], University of Copenhagen = Københavns Universitet (KU)-University of Copenhagen = Københavns Universitet (KU), Center for Indlejrede Software Systemer (CISS), Aalborg University [Denmark] (AAU), Threat Analysis and Mitigation for Information Security (TAMIS), Inria Rennes – Bretagne Atlantique, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-LANGAGE ET GÉNIE LOGICIEL (IRISA-D4), Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Université de Rennes 1 (UR1), Université de Rennes (UNIV-RENNES)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Université de Rennes 1 (UR1), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS), University of Copenhagen = Københavns Universitet (UCPH)-University of Copenhagen = Københavns Universitet (UCPH), Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS) |
| Jazyk: | angličtina |
| Rok vydání: | 2016 |
| Předmět: |
Fault tree analysis
Model checking Computer science business.industry Attack tree Cloud computing 0102 computer and information sciences 02 engineering and technology Computer security computer.software_genre ENCODE 01 natural sciences n/a OA procedure Automaton EC Grant Agreement nr.: FP7/318003 010201 computation theory & mathematics Safety engineering 0202 electrical engineering electronic engineering information engineering Probability mass function 020201 artificial intelligence & image processing [INFO]Computer Science [cs] business computer |
| Zdroj: | FORMATS 2016-14th International Conference on Formal Modelling and Analysis of Timed Systems FORMATS 2016-14th International Conference on Formal Modelling and Analysis of Timed Systems, Aug 2016, Quebec City, Canada. pp.35-50, ⟨10.1007/978-3-319-44878-7_3⟩ Gadyatskaya, O, Hansen, R R, Larsen, K G, Legay, A, Olesen, M C & Poulsen, D B 2016, Modelling Attack-defense Trees Using Timed Automata . in Formal Modeling and Analysis of Timed Systems . Springer, Lecture Notes in Computer Science, vol. 9884, pp. 35-50, 14th International Conference on Formal Modelling and Analysis of Timed Systems, Quebec City, Canada, 24/08/2016 . https://doi.org/10.1007/978-3-319-44878-7_3 Lecture Notes in Computer Science Lecture Notes in Computer Science-Formal Modeling and Analysis of Timed Systems Lecture Notes in Computer Science ISBN: 9783319448770 FORMATS Formal Modeling and Analysis of Timed Systems: 14th International Conference, FORMATS 2016, Quebec, QC, Canada, August 24-26, 2016, Proceedings, 35-50 STARTPAGE=35;ENDPAGE=50;TITLE=Formal Modeling and Analysis of Timed Systems |
| ISSN: | 0302-9743 1611-3349 |
| DOI: | 10.1007/978-3-319-44878-7_3 |
| Popis: | International audience; Performing a thorough security risk assessment of an organisation has always been challenging, but with the increased reliance on outsourced and off-site third-party services, i.e., " cloud services " , combined with internal (legacy) IT-infrastructure and-services, it has become a very difficult and time-consuming task. One of the traditional tools available to ease the burden of performing a security risk assessment and structure security analyses in general is attack trees [19, 23, 24], a tree-based formalism inspired by fault trees, a well-known formalism used in safety engineering. In this paper we study an extension of traditional attack trees, called attack-defense trees, in which not only the attacker's actions are modelled, but also the defensive actions taken by the attacked party [15]. In this work we use the attack-defense tree as a goal an attacker wants to achieve, and separate the behaviour of the attacker and defender from the attack-defense-tree. We give a fully stochastic timed semantics for the behaviour of the attacker by introducing attacker profiles that choose actions probabilistically and execute these according to a probability density. Lastly, the stochastic semantics provides success probabilitites for individual actions. Furthermore, we show how to introduce costs of attacker actions. Finally, we show how to automatically encode it all with a network of timed automata, an encoding that enables us to apply state-of-the-art model checking tools and techniques to perform fully automated quantitative and qualitative analyses of the modelled system. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|