assisted generation of attack trees the atsyraprototype
play

Assisted Generation of Attack Trees : the ATSyRAprototype Sophie - PowerPoint PPT Presentation

Feb 03, 2023 •468 likes •798 views

Assisted Generation of Attack Trees : the ATSyRAprototype Sophie Pinchinat joint work with Mathieu Acher and Didier Vojtisek Universit e de Rennes 1 GraMSec, 13 July 2015 Outline Introductory example 1 Goal decomposition High-level

  1. Assisted Generation of Attack Trees : the ATSyRAprototype Sophie Pinchinat joint work with Mathieu Acher and Didier Vojtisek Universit´ e de Rennes 1 GraMSec, 13 July 2015

  2. Outline Introductory example 1 Goal decomposition High-level actions Experimenting ATSyRA 2 The ATSyRA prototype 3 2

  3. Introductory example Outline Introductory example 1 Goal decomposition High-level actions Experimenting ATSyRA 2 The ATSyRA prototype 3 3

  4. Introductory example A Building Specification 4

  5. Introductory example A three-level building 5

  6. Introductory example The attack objective Item locations Attacker 6

  7. Introductory example Do you think this is possible? How? 7

  8. Introductory example ATSyRA response We analyze a transition system of ≈ 1 . 6 × 10 13 states Existence of an attack scenarios: There is an attack ! 8

  9. Introductory example ATSyRA response We analyze a transition system of ≈ 1 . 6 × 10 13 states Attack scenarios generation TIMEOUT! even pushing it to a 10mn-long computation 8

  10. Introductory example What would the expert do in such a case? 9

  11. Introductory example Goal decomposition Goal decomposition (similarly to proof assistant tools) � � Outside ↓ Goal � � document Outside notDetected � � Outside ↓   direction access card Subgoal 1 staff access card   FF SupervisingPC  supervisiongPC key    notDetected  direction access card  staff access card   FF SupervisingPC   supervisiongPC key   Subgoal 2 notDetected ↓ � � document Outside notDetected 10

  12. Introductory example Goal decomposition   direction access card Subgoal 1: staff access card   Outside � � → FF SupervisingPC   supervisiongPC key   notDetected 11

  13. Introductory example Goal decomposition ATSyRA response for Subgoal 1   direction access card staff access card   � � Outside → FF SupervisingPC   supervisiongPC key   notDetected 12

  14. Introductory example Goal decomposition ATSyRA response for Subgoal 1   direction access card staff access card   � � Outside → FF SupervisingPC   supervisiongPC key   notDetected STILL TOO COMPLEX 12

  15. Introductory example Goal decomposition   direction access card Subgoal 2: � � staff access card document   FF SupervisingPC → Outside   supervisiongPC key notDetected   notDetected 13

  16. Introductory example Goal decomposition ATSyRA response for Subgoal 2 14

  17. Introductory example Goal decomposition ATSyRA response for Subgoal 2 virtual unlock_porte_PCSurveillance virtual virtual open_porte_PCSurveillance deactivate_alarme_batiment go_from_N2_PCSurveillance_to_N2_Couloir_by_porte_PCSurveillance unlock_ascenseur_dupersonnel_2_3 open_ascenseur_dupersonnel_2_3 go_from_N2_Couloir_to_N3_BureauAssistantDirection_by_ascenseur_dupersonnel_2_3 virtual virtual virtual go_from_N3_BureauAssistantDirection_to_N3_BureauDirection_by_porte_BureauDirection take_document go_from_N3_BureauDirection_to_N3_BureauAssistantDirection_by_porte_BureauDirection virtual unlock_ascenseur_dupersonnel_1_3 virtual go_from_N3_BureauAssistantDirection_to_HallEntree_by_ascenseur_dupersonnel_1_3 go_from_HallEntree_to_Ext_by_EntreePrincipale virtual virtual virtual virtual go_from_N3_BureauAssistantDirection_to_N2_Couloir_by_ascenseur_dupersonnel_2_3 go_from_N2_Couloir_to_N2_EchelleSecoursPonton_by_porte_N2_EchelleSecours open_echelle_secours_1_2 go_from_N2_EchelleSecoursPonton_to_Ext_by_echelle_secours_1_2 unlock_ascenseur_dupersonnel_1_3 open_ascenseur_dupersonnel_1_3 go_from_N3_BureauAssistantDirection_to_HallEntree_by_ascenseur_dupersonnel_1_3 go_from_HallEntree_to_Ext_by_EntreePrincipale open_ascenseur_dupersonnel_1_3 go_from_N3_BureauAssistantDirection_to_N3_BureauDirection_by_porte_BureauDirection take_document go_from_N3_BureauDirection_to_N3_BureauAssistantDirection_by_porte_BureauDirection go_from_N3_BureauAssistantDirection_to_N3_BureauDirection_by_porte_BureauDirection take_document go_from_N3_BureauDirection_to_N3_BureauAssistantDirection_by_porte_BureauDirection open_ascenseur_dupersonnel_1_3 15

  18. Introductory example High-level actions High-level actions for Subgoal 2 ⇓ ⇓ 16

  19. Introductory example High-level actions High-level actions for Subgoal 2 17

  20. Introductory example High-level actions High-level actions Low-level actions are automatically generated 18

  21. Introductory example High-level actions High-level actions Low-level actions are automatically generated “Easy” higher-level actions can be generated 18

  22. Introductory example High-level actions High-level actions Low-level actions are automatically generated “Easy” higher-level actions can be generated The expert can also develop his vocabulary 18

  23. Introductory example High-level actions High-level actions Low-level actions are automatically generated “Easy” higher-level actions can be generated The expert can also develop his vocabulary HLA expressions HLA ID = α ; where α ::= a | ( α | α ) | α, α | α & α The expert can also stratify 18

  24. Experimenting ATSyRA Outline Introductory example 1 Goal decomposition High-level actions Experimenting ATSyRA 2 The ATSyRA prototype 3 19

  25. Experimenting ATSyRA   direction access card Subgoal 2: � � staff access card document   FF SupervisingPC → Outside   supervisiongPC key notDetected   notDetected 20

  26. The ATSyRA prototype Outline Introductory example 1 Goal decomposition High-level actions Experimenting ATSyRA 2 The ATSyRA prototype 3 21

  27. The ATSyRA prototype The ATSyRA workflow System description HLA start (1) start (3) (DSL) description (DSL) Reachability analysis Set of attack (a) (2) Model-checking scenarios ➁ ➀ Synthesis (b) ➂ Attack tree (4) ➃ Attack tree analysis tool (ADTool) 22

  28. The ATSyRA prototype Discussion Short term Improve both specification languages Easy ways to select a subgoal, a sub-building, etc. Connect subgoals For subgoal: exploit temporal logic from the Model-checker (e.g. ( ¬ staff access card.pos=attacker) U (reach goal).) Select/suggest a virtual node to generate an HLA 23

  29. The ATSyRA prototype Discussion Short term Improve both specification languages Easy ways to select a subgoal, a sub-building, etc. Connect subgoals For subgoal: exploit temporal logic from the Model-checker (e.g. ( ¬ staff access card.pos=attacker) U (reach goal).) Select/suggest a virtual node to generate an HLA Good tools for editing trees, choose abstract level for display 23

  30. The ATSyRA prototype Discussion Short term Improve both specification languages Easy ways to select a subgoal, a sub-building, etc. Connect subgoals For subgoal: exploit temporal logic from the Model-checker (e.g. ( ¬ staff access card.pos=attacker) U (reach goal).) Select/suggest a virtual node to generate an HLA Good tools for editing trees, choose abstract level for display Parsing scenorios with HLA Very combinatorial, currently the rules are not complete enough Need heuristics and backtracking to synthesize even more succinct trees Mathematical characterization of the optimal solutions we want to generate 23

  31. The ATSyRA prototype Discussion Short term Improve both specification languages Easy ways to select a subgoal, a sub-building, etc. Connect subgoals For subgoal: exploit temporal logic from the Model-checker (e.g. ( ¬ staff access card.pos=attacker) U (reach goal).) Select/suggest a virtual node to generate an HLA Good tools for editing trees, choose abstract level for display Parsing scenorios with HLA Very combinatorial, currently the rules are not complete enough Need heuristics and backtracking to synthesize even more succinct trees Mathematical characterization of the optimal solutions we want to generate Long term Towards other kinds of systems, typically cyber intrusions Guards, Defense (counter-measures) 23

  32. The ATSyRA prototype The partners IRISA LogicA DiversE EMSEC LIP6 DGA Thank you for your attention! 24

Recommend

A New Side-Channel Attack on RSA Prime Generation Thomas Finke, Max Gebhardt, Werner Schindler

A New Side-Channel Attack on RSA Prime Generation Thomas Finke, Max Gebhardt, Werner Schindler

A New Side-Channel Attack on RSA Prime Generation Thomas Finke, Max Gebhardt, Werner Schindler Federal Office for Information Security (BSI), Germany Lausanne, September 7, 2009 Outline r Introduction and Motivation r The Attack r Basic attack

514 views • 25 slides
A Side-Channel Assisted Cryptanalytic Attack Against QcBits Mlissa Rossi Mike Hamburg

A Side-Channel Assisted Cryptanalytic Attack Against QcBits Mlissa Rossi Mike Hamburg

A Side-Channel Assisted Cryptanalytic Attack Against QcBits Mlissa Rossi Mike Hamburg Michael Hutter Mark E. Marson Possible path for post-quantum security Error-correcting codes Quantum computers may threaten the mathematical

892 views • 66 slides
Marker Assisted Marker Assisted Selection Selection Biotechnology in Action Biotechnology in

Marker Assisted Marker Assisted Selection Selection Biotechnology in Action Biotechnology in

Marker Assisted Marker Assisted Selection Selection Biotechnology in Action Biotechnology in Action Traditional Tree Breeding Traditional Tree Breeding The selection of trees is based on visible traits (phenotypes). The selection of trees

316 views • 9 slides
Assisted Discovery of On-Chip Debug Interfaces Joe Grand (@joegrand) Introduction On-chip

Assisted Discovery of On-Chip Debug Interfaces Joe Grand (@joegrand) Introduction On-chip

Assisted Discovery of On-Chip Debug Interfaces Joe Grand (@joegrand) Introduction On-chip debug interfaces are a well-known attack vector - Used as a stepping stone to further an attack - Can provide chip-level control of a target

766 views • 35 slides
( ( ) ) ( ) ( ) = = Work = h log t n B- B -Trees Trees B B- -Trees

( ( ) ) ( ) ( ) = = Work = h log t n B- B -Trees Trees B B- -Trees

B- B -Trees Trees B B- -Trees Trees Search for key R ( ( ) ) ( ) ( ) = = Work = h log t n B- B -Trees Trees B B- -Trees Trees Each Disk-Read or Disk-Write = one Basic unit of work O(1) Typical Node x

287 views • 4 slides
A Scalable Approach to Attack Graph Generation By Ou, Boyer, McQueen Presented By: Philip Koshy

A Scalable Approach to Attack Graph Generation By Ou, Boyer, McQueen Presented By: Philip Koshy

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA A Scalable Approach to Attack Graph Generation By Ou, Boyer,

591 views • 33 slides
Causal Model Extraction from Attack Trees to Attribute Malicious Insider Attacks Amjad Ibrahim,

Causal Model Extraction from Attack Trees to Attribute Malicious Insider Attacks Amjad Ibrahim,

Causal Model Extraction from Attack Trees to Attribute Malicious Insider Attacks Amjad Ibrahim, Simon Rehwald, Antoine Scemama, Florian Andres, Alexander Pretschner Technische Universitt Mnchen Department of Informatics Chair of Software

512 views • 24 slides
Squeezing State Spaces of (Attack-Defence) Trees l Knapik 1 Wojciech Penczek 1 Micha Laure

Squeezing State Spaces of (Attack-Defence) Trees l Knapik 1 Wojciech Penczek 1 Micha Laure

Squeezing State Spaces of (Attack-Defence) Trees l Knapik 1 Wojciech Penczek 1 Micha Laure Petrucci 2 Teofil Sidoruk 1 1 Institute of Computer Science, Polish Academy of Sciences 2 LIPN, CNRS UMR 7030, Universit e Sorbonne Paris Nord LAMAS

388 views • 23 slides
Generation in Machine Translation from Deep Syntactic Trees Keith Hall Petr N mec Johns

Generation in Machine Translation from Deep Syntactic Trees Keith Hall Petr N mec Johns

Generation in Machine Translation from Deep Syntactic Trees Keith Hall Petr N mec Johns Hopkins University Charles University in Prague Outline Transfer-based MT Tectogrammatical Representation (TR) (deep syntax) Generation from

544 views • 40 slides
Attack on Traffic Systems These attack examples have happened in the past. We will take an

Attack on Traffic Systems These attack examples have happened in the past. We will take an

From start to finish how a cyber attack would be performed on traffic system, we will go over first day >> exploitation of the device >> the real-world aftermath. Mission Secure, Inc. Attack on Traffic Systems These attack examples

556 views • 18 slides
/ + - * * 5 3 2 6 5 2 Examples Binary Trees BSTs Augmenting BinExpr General Trees

/ + - * * 5 3 2 6 5 2 Examples Binary Trees BSTs Augmenting BinExpr General Trees

Trees Readings: HtDP , sections 14, 15, 16. Topics: Introductory examples and terminology Binary trees Binary search trees Augmenting trees Binary expression trees General arithmetic expression trees Nested lists Examples Binary Trees

1.19k views • 31 slides
Attack Trees: semi-adaptive model Aivo Jrgenson 2 , 3 Jan Willemson 1 1 Cybernetica, Tartu,

Attack Trees: semi-adaptive model Aivo Jrgenson 2 , 3 Jan Willemson 1 1 Cybernetica, Tartu,

Attack Trees: semi-adaptive model Aivo Jrgenson 2 , 3 Jan Willemson 1 1 Cybernetica, Tartu, Estonia 2 Tallinn University of Technology, Tallinn, Estonia 3 Elion Enterprises Ltd, Tallinn, Estonia 1st February 2009 Jrgenson,Willemson (Estonia)

520 views • 28 slides
Assisted warmup with the Zing JVM Ivn Kr lov @JohnWings Assisted warmup with the Zing JVM

Assisted warmup with the Zing JVM Ivn Kr lov @JohnWings Assisted warmup with the Zing JVM

Assisted warmup with the Zing JVM Ivn Kr lov @JohnWings Assisted warmup with the Zing JVM Overview of 3 technologies Falcon compiler ReadyNow & Compile Stashing Challenges (largely universal to all AOTs) Identification

887 views • 86 slides
Trees Eric McCreath Overview In this lecture we will explore: general trees, binary trees,

Trees Eric McCreath Overview In this lecture we will explore: general trees, binary trees,

Trees Eric McCreath Overview In this lecture we will explore: general trees, binary trees, binary search trees, and AVL and B-Trees. 2 Trees Trees are recursive data structures. They are useful for: representing items that have a tree

622 views • 27 slides
Influencing and voluntary assisted dying Slide Voluntary assisted dying, euthanasia, dying with

Influencing and voluntary assisted dying Slide Voluntary assisted dying, euthanasia, dying with

Influencing and voluntary assisted dying Slide Voluntary assisted dying, euthanasia, dying with dignity, physician assisted suicide however it is labelled has been an issue confronting communities and governments for many years. It is one

109 views • 7 slides
2-3-4 Trees and Red- Black Trees 204 erm CS 16: Balanced Trees 2-3-4 Trees Revealed Nodes

2-3-4 Trees and Red- Black Trees 204 erm CS 16: Balanced Trees 2-3-4 Trees Revealed Nodes

CS 16: Balanced Trees 2-3-4 Trees and Red- Black Trees 204 erm CS 16: Balanced Trees 2-3-4 Trees Revealed Nodes store 1, 2, or 3 keys and have 2, 3, or 4 children, respectively All leaves have the same depth k n r b e h n r b e

800 views • 31 slides
Algorithms and Data Structures Balanced Trees (AVL-Trees, (a,b)-Trees, Red-Black-Trees)

Algorithms and Data Structures Balanced Trees (AVL-Trees, (a,b)-Trees, Red-Black-Trees)

Algorithms and Data Structures Balanced Trees (AVL-Trees, (a,b)-Trees, Red-Black-Trees) Albert-Ludwigs-Universitt Freiburg Prof. Dr. Rolf Backofen Bioinformatics Group / Department of Computer Science Algorithms and Data Structures, January

884 views • 55 slides
M.A.T. Medically Assisted Therapy Jeanne Kapenga, M.D. Medically Assisted Therapy

M.A.T. Medically Assisted Therapy Jeanne Kapenga, M.D. Medically Assisted Therapy

M.A.T. Medically Assisted Therapy Jeanne Kapenga, M.D. Medically Assisted Therapy Recognized to aid in successful recovery programs along with counseling for 90% of patients Allows the natural neurochemistry to return to opioid/drug

470 views • 17 slides
AVL TREES Height Balance : AVL Trees h 1 h 2 | h - h | 1 AVL AVL 2 1 non-AVL trees

AVL TREES Height Balance : AVL Trees h 1 h 2 | h - h | 1 AVL AVL 2 1 non-AVL trees

AVL TREES Height Balance : AVL Trees h 1 h 2 | h - h | 1 AVL AVL 2 1 non-AVL trees AVL trees S. Prasitjutrakul 1994 AVL Trees : I nsertion m m k k k u u k k m m v t u m m t t u k m u k u p v t k p v v

320 views • 16 slides
Obfuscated Circuits with Capabilities and Performance Beyond the SAT Attacks Conference on

Obfuscated Circuits with Capabilities and Performance Beyond the SAT Attacks Conference on

SMT Attack : Next Generation Attack on Obfuscated Circuits with Capabilities and Performance Beyond the SAT Attacks Conference on Cryptographic Hardware and Embedded Systems 2019 ( CHES 2019 ) Kimia Zamiri Azar , Hadi Mardani Kamali, Houman

701 views • 69 slides
Attack Trees, Security modelling for Agile Teams Michael Brunton-Spall @bruntonspall Michael

Attack Trees, Security modelling for Agile Teams Michael Brunton-Spall @bruntonspall Michael

Attack Trees, Security modelling for Agile Teams Michael Brunton-Spall @bruntonspall Michael Brunton-Spall He/His/Him Independent Cybersecurity Consultant Michael Brunton-Spall @bruntonspall Why Security Matters Michael Brunton-Spall

770 views • 66 slides
Trees I think that I shall never see Trees I A poem lovely as a tree -- J. Kilmer Trees

Trees I think that I shall never see Trees I A poem lovely as a tree -- J. Kilmer Trees

Trees I think that I shall never see Trees I A poem lovely as a tree -- J. Kilmer Trees Anatomy of a Tree a In CS, we look at trees Node from the bottom up Basic element of the tree b c Contains a piece of

321 views • 5 slides
Trees Russell Impagliazzo and Miles Jones Thanks to Janine Tiefenbruck

Trees Russell Impagliazzo and Miles Jones Thanks to Janine Tiefenbruck

Trees Russell Impagliazzo and Miles Jones Thanks to Janine Tiefenbruck http://cseweb.ucsd.edu/classes/sp16/cse21-bd/ April 29, 2016 Another Special Type of Graph: Trees Trees 1. Definitions of trees 2. Properties of trees 3. Revisiting uses of

837 views • 37 slides
Trees a tree represents a hierarchy - organization structure of a corporation Electronics

Trees a tree represents a hierarchy - organization structure of a corporation Electronics

T REES trees binary trees traversals of trees template method pattern data structures for trees Trees 1 Trees a tree represents a hierarchy - organization structure of a corporation Electronics RUs R&D

434 views • 18 slides

More recommend