a simulation optimization approach for information
play

A simulation-optimization approach for information security risk - PowerPoint PPT Presentation

Nov 24, 2022 •301 likes •1.12k views

A simulation-optimization approach for information security risk management Elmar Kiesling, Andreas Ekelhart, Bernhard Grill, Christine Strau, Christian Stummer International Conference on Operations Research September 4, 2013; Rotterdam

  1. A simulation-optimization approach for information security risk management Elmar Kiesling, Andreas Ekelhart, Bernhard Grill, Christine Strauß, Christian Stummer International Conference on Operations Research September 4, 2013; Rotterdam Funded by the Austrian Science Fund under project number P 23122-N23

  2. OR 2013 - A simulation-optimization approach for information security risk management Agenda Introduction Introduction Framework Knowledge base Framework Attack patterns Simulation Knowledge base Optimization Implementation Attack patterns Example Simulation Experimental setup Optimization Results Conclusions Implementation Example Experimental setup Results Conclusions 41

  3. OR 2013 - A simulation-optimization approach for information security risk management Current IT security challenges Introduction 3 ◮ Growing complexity of information systems Framework Knowledge base ◮ More targeted attacks by motivated adversaries Attack patterns Simulation ◮ Increasing sophistication of attacks, exploiting Optimization Implementation ◮ software vulnerabilities Example ◮ network vulnerabilities Experimental setup ◮ cognitive biases Results ◮ insider knowledge and access Conclusions ◮ etc. ◮ Heterogeneity of adversaries hacktivists, script kiddies, insiders, advanced persistent threats . . . → What is the “best” way to mitigate information security risks? 41

  4. OR 2013 - A simulation-optimization approach for information security risk management There are no silver bullets Introduction 4 Security is. . . Framework Knowledge base ◮ not the result of any particular technical measure Attack patterns Simulation ◮ not an absolute concept, but involves tradeoffs Optimization Implementation ◮ meaningless without specifying a threat model Example ◮ a system property that emerges from interactions Experimental setup Results Conclusions “Best” solution is highly context-dependent, e.g., ◮ system characteristics ◮ threat model ◮ available resources ◮ decision-makers’ risk preferences 41

  5. OR 2013 - A simulation-optimization approach for information security risk management Problem definition Introduction Framework 5 Objective: choose an “optimal” set of security controls Knowledge base Attack patterns Simulation Approach: Optimization Implementation 1. Model: Example ◮ abstract causal dependencies Experimental setup ◮ the information system and its context Results ◮ adversary behavior Conclusions 2. Apply control sets and simulate attacks 3. Optimize control sets w.r.t. multiple objectives 4. Support decision-maker in the selection of an efficient control set to implement 41

  6. OR 2013 - A simulation-optimization approach for information security risk management Overview Introduction Framework 6 Knowledge base Attack Scenario Attack patterns Simulation Optimization Attacker Attacker Implementation model objectives Example Experimental setup Knowledge base Results Conclusions Successful attacks Implementation cost Implementation time Detected attacks Successful attack actions Running cost Attack and Control Attack Pattern Abstract Attack Model Linking Attack Graph Simulation Engine System Model 1 1 1 0 0 0 0 1 0 0 1 1 Metaheuristic optimization 41

  7. OR 2013 - A simulation-optimization approach for information security risk management Knowledge base Introduction Framework 7 Knowledge base Attack Scenario Attack patterns Simulation Optimization Attacker Attacker Implementation model objectives Example Experimental setup Knowledge base Results Conclusions Successful attacks Implementation cost Implementation time Detected attacks Successful attack actions Running cost Attack and Control Attack Pattern Abstract Attack Model Linking Attack Graph Simulation Engine System Model 1 1 1 0 0 0 0 1 0 0 1 1 Metaheuristic optimization 41

  8. OR 2013 - A simulation-optimization approach for information security risk management Knowledge base Introduction Framework 8 Knowledge base Attack patterns Simulation Optimization Implementation Example Experimental setup Results Conclusions ◮ Captures abstract attack knowledge ◮ Derived from CAPEC 1 1 http://capec.mitre.org/ 41

  9. Atomic attack actions Condition properties Pre-Conditions Post-Conditions

  10. OR 2013 - A simulation-optimization approach for information security risk management Attack patterns Introduction Framework Knowledge base 10 Attack patterns Simulation Optimization Implementation Example Experimental setup Knowledge base Results Conclusions Attack and Control Attack Pattern Model Linking System Model 41

  11. OR 2013 - A simulation-optimization approach for information security risk management Attack pattern linking Introduction Framework Knowledge base 11 Attack patterns Simulation Optimization Implementation Example Experimental setup Results Conclusions 41

  12. OR 2013 - A simulation-optimization approach for information security risk management Attack pattern linking Introduction Framework Knowledge base 11 Attack patterns Simulation Optimization Implementation Example Experimental setup + Results Conclusions 41

  13. OR 2013 - A simulation-optimization approach for information security risk management Attack pattern linking Introduction Framework Knowledge base 11 Attack patterns Simulation Optimization Implementation Example Experimental setup + Results Conclusions 41

  14. OR 2013 - A simulation-optimization approach for information security risk management Attack pattern linking Introduction Framework Knowledge base 11 Attack patterns Simulation Optimization Implementation Example Experimental setup Results Conclusions 41

  15. OR 2013 - A simulation-optimization approach for information security risk management Attack pattern linking Introduction Framework Knowledge base 11 Attack patterns Simulation Optimization Implementation Example Experimental setup Results Conclusions 41

  16. OR 2013 - A simulation-optimization approach for information security risk management CAPEC [?] Introduction ◮ Publicly available list of common attack patterns Framework ◮ 413 patterns described in varying levels of detail Knowledge base 12 ◮ Not fully formalized (textual descriptions) Attack patterns Simulation Optimization Implementation Transformation: Example 1. Generic CAPEC pattern → more specific actions Experimental setup Results e.g., “134 Email Injection” → emailKeylogger , emailBackdoor Conclusions 2. Single CAPEC pattern → sequential atomic actions e.g., “49 Brute Forcing" → bruteForce , accessHost , accessData 3. Add additional actions e.g., accessData, accessHost 4. Formalize ◮ preconditions ◮ postconditions ◮ impact 41

  17. OR 2013 - A simulation-optimization approach for information security risk management CAPEC example: Brute Force (1) Introduction Brute Force Attack Pattern ID: 112 ( Standard Attack Pattern Completeness: Typical Severity: High Status: Draft Framework Complete ) Description Knowledge base Summary 13 Attack patterns In this attack, some asset (information, functionality, identity, etc.) is protected by a finite secret value. The attacker attempts to gain access to this asset by using trial-and-error to exhaustively explore all the possible secret values in the hope of finding the secret (or a value that is functionally equivalent) that Simulation will unlock the asset. Examples of secrets can include, but are not limited to, passwords, encryption keys, database lookup keys, and initial values to one-way functions. Optimization The key factor in this attack is the attacker's ability to explore the possible secret space rapidly. This, in turn, is a function of the size of the secret space and the computational power the attacker is able to bring to bear on the problem. If the attacker has modest resources and the secret space is large, the Implementation challenge facing the attacker is intractable. While the defender cannot control the resources available to an attacker, they can control the size of the secret space. Creating a large secret space involves selecting one's secret from as large a field of equally likely alternative secrets as possible and ensuring that an attacker is unable to reduce the size of this field using available clues or cryptoanalysis. Doing this is more difficult than it sounds since elimination of Example patterns (which, in turn, would provide an attacker clues that would help them reduce the space of potential secrets) is difficult to do using deterministic machines, such as computers. Assuming a finite secret space, a brute force attack will eventually succeed. The defender must rely on making sure that the Experimental setup time and resources necessary to do so will exceed the value of the information. For example, a secret space that will likely take hundreds of years to explore is likely safe from raw-brute force attacks. Results Attack Execution Flow Conclusions 41

Recommend

Simulation-based optimization of information security controls: An adversary-centric approach

Simulation-based optimization of information security controls: An adversary-centric approach

Simulation-based optimization of information security controls: An adversary-centric approach Elmar Kiesling, Andreas Ekelhart, Bernhard Grill, Christine Strau, Christian Stummer December 9, 2013; Washington, DC Funded by the Austrian

1.01k views • 88 slides
to Simulation Optimization to Simulation, Optimization, and back Biology Physics

to Simulation Optimization to Simulation, Optimization, and back Biology Physics

EDA among Sci & Eng fields EDA among Sci & Eng fields CS CS EDA EDA EE EE From Computability to Simulation Optimization to Simulation, Optimization, and back Biology Physics Igor Markov University of Michigan

299 views • 4 slides
Some Topics in Optimization for Simulation Michael Fu University of Maryland The ACNW

Some Topics in Optimization for Simulation Michael Fu University of Maryland The ACNW

Some Topics in Optimization for Simulation Michael Fu University of Maryland The ACNW OPTIMIZATION TUTORIALS June 13, 2005 Tres Tapas A Soft Overview: Optimization for Simulation (JOC & Annals OR papers) A Little Tutorial:

1.01k views • 54 slides
Optimization and Simulation Introduction to simulation Michel Bierlaire Transport and Mobility

Optimization and Simulation Introduction to simulation Michel Bierlaire Transport and Mobility

Optimization and Simulation Introduction to simulation Michel Bierlaire Transport and Mobility Laboratory School of Architecture, Civil and Environmental Engineering Ecole Polytechnique F ed erale de Lausanne M. Bierlaire (TRANSP-OR ENAC

864 views • 32 slides
Optimization and Simulation Optimization Michel Bierlaire Transport and Mobility Laboratory

Optimization and Simulation Optimization Michel Bierlaire Transport and Mobility Laboratory

Optimization and Simulation Optimization Michel Bierlaire Transport and Mobility Laboratory School of Architecture, Civil and Environmental Engineering Ecole Polytechnique F ed erale de Lausanne M. Bierlaire (TRANSP-OR ENAC EPFL)

1.37k views • 108 slides
Optimization and Simulation Constrained optimization Michel Bierlaire Transport and Mobility

Optimization and Simulation Constrained optimization Michel Bierlaire Transport and Mobility

Optimization and Simulation Constrained optimization Michel Bierlaire Transport and Mobility Laboratory School of Architecture, Civil and Environmental Engineering Ecole Polytechnique F ed erale de Lausanne M. Bierlaire (TRANSP-OR ENAC

1.02k views • 72 slides
Optimization and Simulation Constrained optimization Michel Bierlaire michel.bierlaire@epfl.ch

Optimization and Simulation Constrained optimization Michel Bierlaire michel.bierlaire@epfl.ch

Optimization and Simulation Constrained optimization Michel Bierlaire michel.bierlaire@epfl.ch Transport and Mobility Laboratory Optimization and Simulation p. 1/51 The problem Generic problem: x R n f ( x ) min subject to [ h : R n

721 views • 51 slides
Optimization and Simulation Multi-objective optimization Michel Bierlaire Transport and Mobility

Optimization and Simulation Multi-objective optimization Michel Bierlaire Transport and Mobility

Optimization and Simulation Multi-objective optimization Michel Bierlaire Transport and Mobility Laboratory School of Architecture, Civil and Environmental Engineering Ecole Polytechnique F ed erale de Lausanne M. Bierlaire (TRANSP-OR

528 views • 22 slides
Mathematical Simulation and Michael D ohler Zheng He Optimization of Semiconductor Devices

Mathematical Simulation and Michael D ohler Zheng He Optimization of Semiconductor Devices

Mathematical Simulation and Optimization of Semiconductor Devices Mathematical Simulation and Michael D ohler Zheng He Optimization of Semiconductor Devices Maike Lorenz Philipp Monreal Aleksandra Rakic Sapna Sharma Instructor:

884 views • 53 slides
PATMOS2010 PATMOS2010 Optimization and Simulation Optimization and Simulation, Grenoble, France

PATMOS2010 PATMOS2010 Optimization and Simulation Optimization and Simulation, Grenoble, France

20th International Workshop 20th International Workshop on Power and Timing Modeling. on Power and Timing Modeling. PATMOS2010 PATMOS2010 Optimization and Simulation Optimization and Simulation, Grenoble, France Residue arithmetic for

387 views • 14 slides
Performance Optimization: Performance Optimizatio n: Simulation and Real Measurement Simulation

Performance Optimization: Performance Optimizatio n: Simulation and Real Measurement Simulation

Performance Optimization: Performance Optimizatio n: Simulation and Real Measurement Simulation and Real Measurement Josef Weidendorfer KDE Developer Conference 2004 Ludwigsburg, Germany Agenda Agenda Introduction Performance

492 views • 30 slides
A Global Optimization Approach to Structured Regulation Design under H Constraints Dominique

A Global Optimization Approach to Structured Regulation Design under H Constraints Dominique

Introduction Global optimization approach: Branch and Bound H norm of MISO systems Example Conclusion A Global Optimization Approach to Structured Regulation Design under H Constraints Dominique Monnet, Jordan Ninin, Beno t Cl

473 views • 25 slides
Optimization-based approach to congestion control Resource allocation as optimization problem:

Optimization-based approach to congestion control Resource allocation as optimization problem:

Optimization-based approach to congestion control Resource allocation as optimization problem: how to allocate resources (e.g., bandwidth) to optimize some objective function may not possible that optimality exactly obtained but

697 views • 38 slides
Empirically Comparing the Finite-Time Performance of Simulation-Optimization Algorithms Anna Dong,

Empirically Comparing the Finite-Time Performance of Simulation-Optimization Algorithms Anna Dong,

Empirically Comparing the Finite-Time Performance of Simulation-Optimization Algorithms Anna Dong, David Eckman , Xueqi Zhao, Shane Henderson Cornell University Matthias Poloczek University of Arizona Winter Simulation Conference December 5,

818 views • 26 slides
A GENERAL-PURPOSE CRN-TO-DSD COMPILER WITH FORMAL VERIFICATION, OPTIMIZATION, AND SIMULATION

A GENERAL-PURPOSE CRN-TO-DSD COMPILER WITH FORMAL VERIFICATION, OPTIMIZATION, AND SIMULATION

A GENERAL-PURPOSE CRN-TO-DSD COMPILER WITH FORMAL VERIFICATION, OPTIMIZATION, AND SIMULATION CAPABILITIES Stefan Badelt , Seung Woo Shin, Robert F. Johnson, Qing Dong, Chris Thachuk, and Erik Winfree DNA and Natural Algorithms (DNA) Group,

320 views • 28 slides
Information Geometric Optimization How information theory sheds new light on black-box

Information Geometric Optimization How information theory sheds new light on black-box

Information Geometric Optimization How information theory sheds new light on black-box optimization Anne Auger, Inria and CMAP Main reference: Y Ollivier, L. Arnold, A. Auger, N. Hansen, Information-Geometric Optimization Algorithms: A

339 views • 29 slides
THE EXPLODING DOMAIN OF SIMULATION OPTIMIZATION Jay April Fred Glover James P. Kelly Manuel

THE EXPLODING DOMAIN OF SIMULATION OPTIMIZATION Jay April Fred Glover James P. Kelly Manuel

THE EXPLODING DOMAIN OF SIMULATION OPTIMIZATION Jay April Fred Glover James P. Kelly Manuel Laguna OptTek Systems 1919 7 th Street Boulder, CO 80302 303.447.3255 www.opttek.com 1. Background and Importance. The merging of optimization and

133 views • 11 slides
OR OR and and 2 Simulation Simulation for for Health Care Optimization Health Care

OR OR and and 2 Simulation Simulation for for Health Care Optimization Health Care

1 OR OR and and 2 Simulation Simulation for for Health Care Optimization Health Care Optimization OR and Simulation M Healthcare PW 2010 Two parallel servers Two parallel servers OR and Simulation M Healthcare PW 2010 1

946 views • 81 slides
A Simulation-Driven Approach for Assessing Risks of Complex Systems Fabrizio Baiardi 1 Claudio

A Simulation-Driven Approach for Assessing Risks of Complex Systems Fabrizio Baiardi 1 Claudio

Complex Systems A Simulation-Based Approach Current Prototype Conclusions A Simulation-Driven Approach for Assessing Risks of Complex Systems Fabrizio Baiardi 1 Claudio Telmon 1 Daniele Sgandurra 2 1 Dipartimento di Informatica, Universit` a

601 views • 29 slides
Simulation and optimization for the design and management of hydroelectric works Andreas

Simulation and optimization for the design and management of hydroelectric works Andreas

Renewable Energy and Hydroelectric Projects 8 th semester, School of Civil Engineering Lecture Notes Simulation and optimization for the design and management of hydroelectric works Andreas Efstratiadis, Nikos Mamassis & Demetris

387 views • 35 slides
Optimization of Photolithography Process Using Simulation Introduction The progress in

Optimization of Photolithography Process Using Simulation Introduction The progress in

Optimization of Photolithography Process Using Simulation Introduction The progress in semiconductor technology towards even smaller device geometries demands continuous refinements of photolithography process. Lithography

508 views • 39 slides
R&D, a Dutch Approach How The Royal Netherlands Simulation Centre applies rapid

R&D, a Dutch Approach How The Royal Netherlands Simulation Centre applies rapid

R&D, a Dutch Approach How The Royal Netherlands Simulation Centre applies rapid prototyping, working with interns and using Commercial Of The Shelf NATO UNCLASSIFIED Technology Ministry of Defence Simulation Centre for Land Warfare

430 views • 20 slides
DiffTaichi: Differentiable Programming for Physical Simulation End2end optimization of neural

DiffTaichi: Differentiable Programming for Physical Simulation End2end optimization of neural

1 Yuanming Hu, Luke Anderson, Tzu-Mao Li, Qi Sun, Nathan Carr, Jonathan Ragan-Kelley, Fredo Durand (ICLR 2020) DiffTaichi: Differentiable Programming for Physical Simulation End2end optimization of neural network controllers with gradient

1.03k views • 91 slides
The Scenario Approach: Robust Optimization and Application to Control M.C. Campi University of

The Scenario Approach: Robust Optimization and Application to Control M.C. Campi University of

The Scenario Approach: Robust Optimization and Application to Control M.C. Campi University of Brescia E-Mail: campi@ing.unibs.it A general fact: convex optimization is easy but robust convex optimization is hard min c T x subject to:

580 views • 29 slides

More recommend