Quantitative Evaluation of Attack Defense Trees using Stochastic Timed Automata

Abstract : Security analysis is without doubt one of the most important issues in a society relying heavily on computer infrastructure. Unfortunately security analysis is also very difficult due to the complexity of systems. This is bad enough when dealing with ones own computer systems-but nowadays organisations rely on third-party services-cloud services-along with their own antiquated legacy systems. Combined this makes it overwhelming difficult to obtain an overview of possible attack scenarios. Luckily, some formalisms such as attack trees exists that can help security analysts. However, temporal behaviour of the attacker is rarely considered by these formalisms. In this paper we build upon previous work on attack-defence trees to build a proper temporal semantics. We consider the attack-defence tree a reachability objective for an attacker and thereby separates the attacker logic from the attack-defence tree. We give a temporal stochastic semantics for arbitrary attackers (adhering to certain requirements to make the attacker " sane ") and we allow annotating attacker actions with time-dependent costs. Furthermore, we define what we call a cost-preserving attacker profile and we define a parameterised attacker profile. The defined semantics is implemented via a translation to uppaal SMC. Using uppaal SMC we answers various questions such as the expected cost of an attack, we find the probability of a successful attack and we even show how an attacker can find a optimal parameter setting using ANOVA and Tukeys test.
Type de document :
Communication dans un congrès
GraMSec 2017 - The Fourth International Workshop on Graphical Models for Security, Aug 2017, Santa Barbara United States
Liste complète des métadonnées

Littérature citée [16 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01640091
Contributeur : Nisrine Jafri <>
Soumis le : lundi 20 novembre 2017 - 16:47:16
Dernière modification le : jeudi 11 janvier 2018 - 06:28:15

Fichier

GramSec17_paper_5.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : hal-01640091, version 1

Citation

Peter Gjøl Jensen, Kim Larsen, Axel Legay, Danny Poulsen. Quantitative Evaluation of Attack Defense Trees using Stochastic Timed Automata. GraMSec 2017 - The Fourth International Workshop on Graphical Models for Security, Aug 2017, Santa Barbara United States. 〈hal-01640091〉

Partager

Métriques

Consultations de la notice

60

Téléchargements de fichiers

23