attack trees semi adaptive model
play

Attack Trees: semi-adaptive model Aivo Jrgenson 2 , 3 Jan Willemson 1 - PowerPoint PPT Presentation

Feb 14, 2024 •223 likes •520 views

Attack Trees: semi-adaptive model Aivo Jrgenson 2 , 3 Jan Willemson 1 1 Cybernetica, Tartu, Estonia 2 Tallinn University of Technology, Tallinn, Estonia 3 Elion Enterprises Ltd, Tallinn, Estonia 1st February 2009 Jrgenson,Willemson (Estonia)

  1. Attack Trees: semi-adaptive model Aivo Jürgenson 2 , 3 Jan Willemson 1 1 Cybernetica, Tartu, Estonia 2 Tallinn University of Technology, Tallinn, Estonia 3 Elion Enterprises Ltd, Tallinn, Estonia 1st February 2009 Jürgenson,Willemson (Estonia) Attack Trees: semi-adaptive model 1st February 2009 1 / 13

  2. Outline of the talk 1 Introduction to multi-parameter attack trees 2 Semi-adaptive model 3 Semi-adaptive blocking model 4 Results and Questions Jürgenson,Willemson (Estonia) Attack Trees: semi-adaptive model 1st February 2009 2 / 13

  3. Attack trees (J. D. Weiss 1991, B. Schneier 1999) ∨ Obtain ad- ministrator privileges ∨ ∨ Obtain ad- Access ministrator system password console ∨ & Enter Look over Corrupt Guess computer admin operator password center shoulder Encounter Break into Obtain Unattended simple computer password guest password center file Jürgenson,Willemson (Estonia) Attack Trees: semi-adaptive model 1st February 2009 3 / 13

  4. Attacker financial game (A. Buldas et al. 2006) Jürgenson,Willemson (Estonia) Attack Trees: semi-adaptive model 1st February 2009 4 / 13

  5. Attacker financial game (A. Buldas et al. 2006) Preventive yes Attack prepa- Gains from security p ration costs the attack broken? ( 1 − p ) no yes yes Attacker Attacker Penalty paid Penalty paid caught? caught? q + q − ( 1 − q + ) no ( 1 − q − ) no Outcome = Outcome = Outcome = Outcome = − Cost + − Cost − − Cost − Cost + Gains Gains − Penalties − Penalties + Jürgenson,Willemson (Estonia) Attack Trees: semi-adaptive model 1st February 2009 4 / 13

  6. Attacker financial game (A. Buldas et al. 2006) Preventive yes Attack prepa- Gains from security p ration costs the attack broken? ( 1 − p ) no yes yes Attacker Attacker Penalty paid Penalty paid caught? caught? q + q − ( 1 − q + ) no ( 1 − q − ) no Outcome = Outcome = Outcome = Outcome = − Cost + − Cost − − Cost − Cost + Gains Gains − Penalties − Penalties + Jürgenson,Willemson (Estonia) Attack Trees: semi-adaptive model 1st February 2009 4 / 13

  7. Attacker financial game (A. Buldas et al. 2006) Preventive yes Attack prepa- Gains from security p ration costs the attack broken? ( 1 − p ) no yes yes Attacker Attacker Penalty paid Penalty paid caught? caught? q + q − ( 1 − q + ) no ( 1 − q − ) no Outcome = Outcome = Outcome = Outcome = − Cost + − Cost − − Cost − Cost + Gains Gains − Penalties − Penalties + Jürgenson,Willemson (Estonia) Attack Trees: semi-adaptive model 1st February 2009 4 / 13

  8. Attacker financial game (A. Buldas et al. 2006) Preventive yes Attack prepa- Gains from security p ration costs the attack broken? ( 1 − p ) no yes yes Penalties + Attacker Attacker Penalties − caught? caught? paid paid q + q − ( 1 − q + ) no ( 1 − q − ) no Outcome = Outcome = Outcome = Outcome = − Cost + − Cost − − Cost − Cost + Gains Gains − Penalties − Penalties + Jürgenson,Willemson (Estonia) Attack Trees: semi-adaptive model 1st February 2009 4 / 13

  9. Attacker financial game (A. Buldas et al. 2006) Preventive yes Attack prepa- Gains from security p ration costs the attack broken? ( 1 − p ) no yes yes Penalties + Attacker Attacker Penalties − caught? caught? paid paid q + q − ( 1 − q + ) no ( 1 − q − ) no Outcome = Outcome = Outcome = Outcome = − Cost + − Cost − − Cost − Cost + Gains Gains − Penalties − Penalties + Jürgenson,Willemson (Estonia) Attack Trees: semi-adaptive model 1st February 2009 4 / 13

  10. Multi-parameter Attack Trees (A. Buldas et al., 2006) Gains – the value gained from the successful attack Cost i – the cost of the elementary attack, p i – success probability π − i = q − i · Penalty − – the expected penalty, unsuccessful attack i π + i = q + i · Penalty + – the expected penalty, successful attack i Jürgenson,Willemson (Estonia) Attack Trees: semi-adaptive model 1st February 2009 5 / 13

  11. Multi-parameter Attack Trees (A. Buldas et al., 2006) Gains – the value gained from the successful attack Cost i – the cost of the elementary attack, p i – success probability π − i = q − i · Penalty − – the expected penalty, unsuccessful attack i π + i = q + i · Penalty + – the expected penalty, successful attack i � ( Cost 1 , p 1 , π + 1 , π − 1 ) , if Outcome 1 > Outcome 2 ( Cost , p , π + , π − ) = ( Cost 2 , p 2 , π + 2 , π − 2 ) , if Outcome 1 ≤ Outcome 2 Outcome i = p i · Gains − Cost i − p i · π + i − ( 1 − p i ) · π − i Jürgenson,Willemson (Estonia) Attack Trees: semi-adaptive model 1st February 2009 5 / 13

  12. Multi-parameter Attack Trees (A. Buldas et al., 2006) Gains – the value gained from the successful attack Cost i – the cost of the elementary attack, p i – success probability π − i = q − i · Penalty − – the expected penalty, unsuccessful attack i π + i = q + i · Penalty + – the expected penalty, successful attack i � ( Cost 1 , p 1 , π + 1 , π − 1 ) , if Outcome 1 > Outcome 2 ( Cost , p , π + , π − ) = ( Cost 2 , p 2 , π + 2 , π − 2 ) , if Outcome 1 ≤ Outcome 2 Outcome i = p i · Gains − Cost i − p i · π + i − ( 1 − p i ) · π − i π + = π + 1 + π + Cost = Cost 1 + Cost 2 , p = p 1 · p 2 , 2 , p 1 ( 1 − p 2 )( π + 1 + π + 1 + π − 2 ) + ( 1 − p 1 ) p 2 ( π − 2 ) π − = + 1 − p 1 p 2 +( 1 − p 1 )( 1 − p 2 )( π − 1 + π − 2 ) 1 − p 1 p 2 Jürgenson,Willemson (Estonia) Attack Trees: semi-adaptive model 1st February 2009 5 / 13

  13. Attacker adaptiveness Current models all assume that all attacks take place simultanously, in the same time. In the real life, attacker has the option to choose different strategy during the execution of attack tree, after some elementary attack succeeds, or fails. Jürgenson,Willemson (Estonia) Attack Trees: semi-adaptive model 1st February 2009 6 / 13

  14. Attacker adaptiveness Current models all assume that all attacks take place simultanously, in the same time. In the real life, attacker has the option to choose different strategy during the execution of attack tree, after some elementary attack succeeds, or fails. Full-adaptive model attacker can choose any not-used attack for the next step, rather complicated to analyze, we will not go there. Jürgenson,Willemson (Estonia) Attack Trees: semi-adaptive model 1st February 2009 6 / 13

  15. Attacker adaptiveness Current models all assume that all attacks take place simultanously, in the same time. In the real life, attacker has the option to choose different strategy during the execution of attack tree, after some elementary attack succeeds, or fails. Full-adaptive model attacker can choose any not-used attack for the next step, rather complicated to analyze, we will not go there. Semi-adaptive model attacker fixes the order of the attacks, attacker has the option to skip some attacks from the previously fixed order. Jürgenson,Willemson (Estonia) Attack Trees: semi-adaptive model 1st February 2009 6 / 13

  16. Semi-adaptive model Simplified attacker actions: Create the attack tree F with the set of elementary attacks X = { X 1 , X 2 , . . . , X n } . Jürgenson,Willemson (Estonia) Attack Trees: semi-adaptive model 1st February 2009 7 / 13

  17. Semi-adaptive model Simplified attacker actions: Create the attack tree F with the set of elementary attacks X = { X 1 , X 2 , . . . , X n } . Choose subset S ⊆ X and create the subtree, i.e. choose one possible way of realizing the attack tree F . Jürgenson,Willemson (Estonia) Attack Trees: semi-adaptive model 1st February 2009 7 / 13

  18. Semi-adaptive model Simplified attacker actions: Create the attack tree F with the set of elementary attacks X = { X 1 , X 2 , . . . , X n } . Choose subset S ⊆ X and create the subtree, i.e. choose one possible way of realizing the attack tree F . Choose the permutation α for the subset S , i.e. choose the order of the attacks, eq α = { X 2 , X 3 , X 1 } . Jürgenson,Willemson (Estonia) Attack Trees: semi-adaptive model 1st February 2009 7 / 13

  19. Semi-adaptive model Simplified attacker actions: Create the attack tree F with the set of elementary attacks X = { X 1 , X 2 , . . . , X n } . Choose subset S ⊆ X and create the subtree, i.e. choose one possible way of realizing the attack tree F . Choose the permutation α for the subset S , i.e. choose the order of the attacks, eq α = { X 2 , X 3 , X 1 } . Evaluate the outcome of the subtree S and permutation α . Jürgenson,Willemson (Estonia) Attack Trees: semi-adaptive model 1st February 2009 7 / 13

  20. Semi-adaptive model Simplified attacker actions: Create the attack tree F with the set of elementary attacks X = { X 1 , X 2 , . . . , X n } . Choose subset S ⊆ X and create the subtree, i.e. choose one possible way of realizing the attack tree F . Choose the permutation α for the subset S , i.e. choose the order of the attacks, eq α = { X 2 , X 3 , X 1 } . Evaluate the outcome of the subtree S and permutation α . Choose the maximum outcome for all different combinations of permuations α and subtrees S . Jürgenson,Willemson (Estonia) Attack Trees: semi-adaptive model 1st February 2009 7 / 13

  21. Evaluating the outcome of attack tree Outcome semiadaptive = max { Outcome α : S ⊆ X , F ( S := true ) = true , α } n � Outcome α = p α · Gains − p α, i · Expenses i i = 1 Jürgenson,Willemson (Estonia) Attack Trees: semi-adaptive model 1st February 2009 8 / 13

Recommend

Causal Model Extraction from Attack Trees to Attribute Malicious Insider Attacks Amjad Ibrahim,

Causal Model Extraction from Attack Trees to Attribute Malicious Insider Attacks Amjad Ibrahim,

Causal Model Extraction from Attack Trees to Attribute Malicious Insider Attacks Amjad Ibrahim, Simon Rehwald, Antoine Scemama, Florian Andres, Alexander Pretschner Technische Universitt Mnchen Department of Informatics Chair of Software

512 views • 24 slides
Adaptive semi-Lagrangian schemes for transport (how to predict accurate grids ?) Martin Campos

Adaptive semi-Lagrangian schemes for transport (how to predict accurate grids ?) Martin Campos

Motivation Adaptive semi-Lagrangian schemes Adaptive semi-Lagrangian schemes for transport (how to predict accurate grids ?) Martin Campos Pinto CNRS & University of Strasbourg, France joint work Albert Cohen (Paris 6), Michel Mehrenberger

365 views • 19 slides
Se Semi-Su Supervise sed QA with Ge Generative Do Doma main-Ad Adaptive N e Nets C arnegie

Se Semi-Su Supervise sed QA with Ge Generative Do Doma main-Ad Adaptive N e Nets C arnegie

Se Semi-Su Supervise sed QA with Ge Generative Do Doma main-Ad Adaptive N e Nets C arnegie M ellon U niversity Zhilin Yang , Junjie Hu, Ruslan Salakhutdinov, William W. Cohen Xiachong Feng Ou Outline Author Overview

337 views • 23 slides
#82 Adaptive Neural Trees Ryutaro Tanno , Kai Arulkumaran, Daniel C. Alexander, Antonio

#82 Adaptive Neural Trees Ryutaro Tanno , Kai Arulkumaran, Daniel C. Alexander, Antonio

#82 Adaptive Neural Trees Ryutaro Tanno , Kai Arulkumaran, Daniel C. Alexander, Antonio Criminisi, Aditya Nori Two Paradigms of Machine Learning Deep Neural Networks Decision Trees hierarchical representation of data hierarchical

351 views • 14 slides
COMP60411 Semi-structured Data and the Web Validating Trees against Tree Grammars The Essence of

COMP60411 Semi-structured Data and the Web Validating Trees against Tree Grammars The Essence of

COMP60411 Semi-structured Data and the Web Validating Trees against Tree Grammars The Essence of XML and Errors Bijan Parsia and Uli Sattler University of Manchester 1 Saturday, 29 October 2011 1 Last week... ...we have designed our first

1.23k views • 105 slides
Adaptive Distributed Distributed Traffic Traffic Adaptive Adaptive Distributed Traffic Control

Adaptive Distributed Distributed Traffic Traffic Adaptive Adaptive Distributed Traffic Control

Adaptive Distributed Distributed Traffic Traffic Adaptive Adaptive Distributed Traffic Control Service Service for for DDoS DDoS Attack Attack Control Control Service for DDoS Attack Mitigation Mitigation Mitigation Bernhard Plattner,

474 views • 24 slides
Introduction Attack Graphs Model Creation Analysis of Attack Graphs

Introduction Attack Graphs Model Creation Analysis of Attack Graphs

EVA Evolutionary Vulnerability Analyzer A Framework for Network Analysis and Risk Assessment Dr. Melissa Danforth Department of Computer Science California State University, Bakersfield Introduction Attack Graphs Model Creation

684 views • 50 slides
Assisted Generation of Attack Trees : the ATSyRAprototype Sophie Pinchinat joint work with

Assisted Generation of Attack Trees : the ATSyRAprototype Sophie Pinchinat joint work with

Assisted Generation of Attack Trees : the ATSyRAprototype Sophie Pinchinat joint work with Mathieu Acher and Didier Vojtisek Universit e de Rennes 1 GraMSec, 13 July 2015 Outline Introductory example 1 Goal decomposition High-level

798 views • 32 slides
A DEPTS : Adaptive Intrusion Response using Attack Graphs in an e-Commerce Environment Bingrui

A DEPTS : Adaptive Intrusion Response using Attack Graphs in an e-Commerce Environment Bingrui

A DEPTS : Adaptive Intrusion Response using Attack Graphs in an e-Commerce Environment Bingrui Foo, Yu-Sung Wu, Yu-Chun Mao, Saurabh Bagchi, Eugene Spafford Purdue University Dependable Computing Systems Lab (http://shay.ecn.purdue.edu/~dcsl)

608 views • 23 slides
Adaptive Sequential Recommendation for Discussion Forums on MOOCs using Context Trees Fei Mi, Boi

Adaptive Sequential Recommendation for Discussion Forums on MOOCs using Context Trees Fei Mi, Boi

Introduction and Motivation The Proposed Context Tree Recommender Experiment Results Conclusion and Future Work References Adaptive Sequential Recommendation for Discussion Forums on MOOCs using Context Trees Fei Mi, Boi Faltings Artificial

396 views • 22 slides
( ( ) ) ( ) ( ) = = Work = h log t n B- B -Trees Trees B B- -Trees

( ( ) ) ( ) ( ) = = Work = h log t n B- B -Trees Trees B B- -Trees

B- B -Trees Trees B B- -Trees Trees Search for key R ( ( ) ) ( ) ( ) = = Work = h log t n B- B -Trees Trees B B- -Trees Trees Each Disk-Read or Disk-Write = one Basic unit of work O(1) Typical Node x

287 views • 4 slides
Squeezing State Spaces of (Attack-Defence) Trees l Knapik 1 Wojciech Penczek 1 Micha Laure

Squeezing State Spaces of (Attack-Defence) Trees l Knapik 1 Wojciech Penczek 1 Micha Laure

Squeezing State Spaces of (Attack-Defence) Trees l Knapik 1 Wojciech Penczek 1 Micha Laure Petrucci 2 Teofil Sidoruk 1 1 Institute of Computer Science, Polish Academy of Sciences 2 LIPN, CNRS UMR 7030, Universit e Sorbonne Paris Nord LAMAS

388 views • 23 slides
Toward Self-Adaptive Software Employing Model Predictive Control NII Shonan Meeting on Controlled

Toward Self-Adaptive Software Employing Model Predictive Control NII Shonan Meeting on Controlled

Toward Self-Adaptive Software Employing Model Predictive Control NII Shonan Meeting on Controlled Adaptation of Self-Adaptive Systems (CASaS) Shonan, Japan, April 24-28, 2016 Holger Giese , Thomas Vogel , and Sona Ghahremani Hasso Plattner

313 views • 15 slides
A Nonlinear Trust-Region Framework for PDE-Constrained Optimization Using Adaptive Model

A Nonlinear Trust-Region Framework for PDE-Constrained Optimization Using Adaptive Model

Introduction Optimization via Adaptive Model Reduction Large-Scale, Constrained Optimization Conclusion A Nonlinear Trust-Region Framework for PDE-Constrained Optimization Using Adaptive Model Reduction Matthew J. Zahr Institute for

336 views • 33 slides
Attack on Traffic Systems These attack examples have happened in the past. We will take an

Attack on Traffic Systems These attack examples have happened in the past. We will take an

From start to finish how a cyber attack would be performed on traffic system, we will go over first day >> exploitation of the device >> the real-world aftermath. Mission Secure, Inc. Attack on Traffic Systems These attack examples

556 views • 18 slides
Mitigating Wordline Crosstalk using Adaptive Trees of Counters Mohammad Seyedzadeh , Alex Jones,

Mitigating Wordline Crosstalk using Adaptive Trees of Counters Mohammad Seyedzadeh , Alex Jones,

Mitigating Wordline Crosstalk using Adaptive Trees of Counters Mohammad Seyedzadeh , Alex Jones, Rami Melhem University of Pi8sburgh Wordline Crosstalk in DRAM DRAM Scaling High Memory Capacity Voltage Fluctua<ons DRAM Cells

527 views • 33 slides
Trees and Martingales Multi-Step Binary Model Generalize the single-period model. Still

Trees and Martingales Multi-Step Binary Model Generalize the single-period model. Still

Trees and Martingales Multi-Step Binary Model Generalize the single-period model. Still just two assets: the stock and the risk-free bond. Still no transaction cost, nor limits on amounts of either asset. But: market is observed at

379 views • 16 slides
Deformable Model with Adaptive Mesh and Automated Topology Changes Jacques-Olivier Lachaud

Deformable Model with Adaptive Mesh and Automated Topology Changes Jacques-Olivier Lachaud

Deformable Model with Adaptive Mesh and Automated Topology Changes Jacques-Olivier Lachaud Benjamin Taton Laboratoire Bordelais de Recherche en Informatique (LaBRI) Deformable Model with Adaptive Mesh and Automated Topology Changes p.1/21

749 views • 59 slides
Enhancing a Model-Free Adaptive Controller through Evolutionary Computation Anthony Clark,

Enhancing a Model-Free Adaptive Controller through Evolutionary Computation Anthony Clark,

Enhancing a Model-Free Adaptive Controller through Evolutionary Computation Anthony Clark, Philip McKinley, and Xiaobo Tan Michigan State University, East Lansing, USA Anthony J. Clark - Adaptive Control - GECCO2015

552 views • 44 slides
EXPLORING THE SOLUTION ZOO OF A SEMI-ANALYTICAL MHD MODEL FOR SELF-SIMILAR JETS C HIARA C

EXPLORING THE SOLUTION ZOO OF A SEMI-ANALYTICAL MHD MODEL FOR SELF-SIMILAR JETS C HIARA C

EXPLORING THE SOLUTION ZOO OF A SEMI-ANALYTICAL MHD MODEL FOR SELF-SIMILAR JETS C HIARA C ECCOBELLO Compact Objects For All Lund Observatory, 10-11 February 2020 AGN (PPNe) (YSOs) NSXRBs MAGNETARS BHXRBs a BH Xray

300 views • 14 slides
Development of Semi-empirical Thermal Conductivity Model of U-Mo/Al Dispersion Fuel Tae Won Cho*,

Development of Semi-empirical Thermal Conductivity Model of U-Mo/Al Dispersion Fuel Tae Won Cho*,

Transactions of the Korean Nuclear Society Virtual Spring Meeting July 9-10, 2020 Development of Semi-empirical Thermal Conductivity Model of U-Mo/Al Dispersion Fuel Tae Won Cho*, Yong Jin Jeong, Kyu Hong Lee, Sung Hwan Kim, Ki Nam Kim, Jong Man

256 views • 3 slides
Magnetic Effects in Matter Consider the following, semi-classical model of an atom. An unpaired

Magnetic Effects in Matter Consider the following, semi-classical model of an atom. An unpaired

Magnetic Effects in Matter Consider the following, semi-classical model of an atom. An unpaired electron follows a circular orbit around the nucleus with a speed v (Figure 1). An external field B is applied per- pendicular to the place of the

283 views • 9 slides
DYNAMIC-PROBABILISTIC MODELING OF UPWARES IN ATMOSPHERE WITH USE SEMI- LAGRANGIAN MODEL OF

DYNAMIC-PROBABILISTIC MODELING OF UPWARES IN ATMOSPHERE WITH USE SEMI- LAGRANGIAN MODEL OF

DYNAMIC-PROBABILISTIC MODELING OF UPWARES IN ATMOSPHERE WITH USE SEMI- LAGRANGIAN MODEL OF TRANSPORT OF SUBSTATION A.V.Protasov Institute of Computational Mathematics and Mathematical Geophysics of SB RAS Ensemble of realizations r = i

358 views • 21 slides
/ + - * * 5 3 2 6 5 2 Examples Binary Trees BSTs Augmenting BinExpr General Trees

/ + - * * 5 3 2 6 5 2 Examples Binary Trees BSTs Augmenting BinExpr General Trees

Trees Readings: HtDP , sections 14, 15, 16. Topics: Introductory examples and terminology Binary trees Binary search trees Augmenting trees Binary expression trees General arithmetic expression trees Nested lists Examples Binary Trees

1.19k views • 31 slides

More recommend