squeezing state spaces of attack defence trees
play

Squeezing State Spaces of (Attack-Defence) Trees l Knapik 1 Wojciech - PowerPoint PPT Presentation

Aug 14, 2023 •140 likes •388 views

Squeezing State Spaces of (Attack-Defence) Trees l Knapik 1 Wojciech Penczek 1 Micha Laure Petrucci 2 Teofil Sidoruk 1 1 Institute of Computer Science, Polish Academy of Sciences 2 LIPN, CNRS UMR 7030, Universit e Sorbonne Paris Nord LAMAS

  1. Squeezing State Spaces of (Attack-Defence) Trees l Knapik 1 Wojciech Penczek 1 Micha� Laure Petrucci 2 Teofil Sidoruk 1 1 Institute of Computer Science, Polish Academy of Sciences 2 LIPN, CNRS UMR 7030, Universit´ e Sorbonne Paris Nord LAMAS May 10, 2020 M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 1 / 11

  2. Motivation Attack-Defence Trees [Kordy et al., 2011, Aslanyan and Nielson, 2015] allow for studying interactions between attacker and defender parties: ◮ performance ◮ feasibility An agent-aware model ◮ asynchronous multi-agent systems, an automata-based formalism [Jamroga et al., 2018] ◮ extended with attributes and functions ◮ quantitative and qualitative analysis M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 2 / 11

  3. Attack-Defence Trees Name Cost Time TS (treasure stolen) TS p (police) e 100 10 min TF (thieves fleeing) ST (steal treasure) 2 min p TF b (bribe gatekeeper) e 500 1 h f (force arm. door) e 100 2 h GA (get away) ST GA h (helicopter) e 500 3 min e (emergency exit) 10 min e b f h Condition for TS: init time ( p ) > init time ( ST ) + time ( GA ) M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 3 / 11

  4. Exhaustive analysis ◮ Build the EAMAS by replacing each ADTree node by an automaton ◮ State space explosion Modelling with reduced patterns [Arias et al., 2019] ? a 2 ok A l 1 l 2 · · · l n l A k o 1 a ? A ! A ok ? a 1 nok l 0 ? a 2 nok a 1 a n · · · . . ? a n nok . l ′ ! A nok 1 M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 4 / 11

  5. Exhaustive analysis ◮ Build the EAMAS by replacing each ADTree node by an automaton ◮ State space explosion Modelling with reduced patterns [Arias et al., 2019] ? a 2 ok A l 2 · · · l n l 1 l A k o 1 a ? A ! A ok ? a 1 nok l 0 ? a 2 nok a 1 · · · a n . . ? a n nok . l ′ ! A nok 1 M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 4 / 11

  6. Exhaustive analysis ◮ Build the EAMAS by replacing each ADTree node by an automaton ◮ State space explosion Modelling with reduced patterns [Arias et al., 2019] Goes beyond POR! ? a 2 ok A l 1 l 2 · · · l n l A k o a 1 ? A ! A ok ? a 1 nok l 0 ? a 2 nok a 1 a n · · · . . ? a n nok . l ′ ! A nok 1 M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 4 / 11

  7. Exhaustive analysis ◮ Build the EAMAS by replacing each ADTree node by an automaton ◮ State space explosion Modelling with reduced patterns [Arias et al., 2019] Goes beyond POR! ? a 2 ok A l 1 l 2 · · · l n l A k o a 1 ? A ! A ok ? a 1 nok l 0 ? a 2 nok a 1 a n · · · . . ? a n nok . l ′ ! A nok 1 Patterns state space reduction is not enough! M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 4 / 11

  8. Outline Guarded Update Systems 1 General Definition Properties for Tree Topologies Layered Reduction for Trees 2 Experiments 3 Conclusion & Perspectives 4 M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 5 / 11

  9. Guarded Update Systems Asynchronous product of automata equipped with: ◮ integer variables ◮ guards: boolean formulae over linear terms on variables ◮ updates: assignments obtained by functions over variables ◮ in synchronised transitions, a variable should not be updated more than once GUS synchronisation topology ◮ nodes: individual automata ◮ edges: connect nodes that share a synchronised transition M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 6 / 11

  10. Guarded Update Systems Asynchronous product of automata equipped with: ◮ integer variables ◮ guards: boolean formulae over linear terms on variables ◮ updates: assignments obtained by functions over variables ◮ in synchronised transitions, a variable should not be updated more than once GUS synchronisation topology ◮ nodes: individual automata ◮ edges: connect nodes that share a synchronised transition M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 6 / 11

  11. Properties for Tree Topologies Precedence Actions synchronised with children actions occur before the other ones Root-directed Synchronisation Tree Precedence is satisfied for the whole tree Update separability ◮ a variable is updated in at most one component ◮ it is tested only in the ancestors of this component in the tree ADTrees topologies are root-directed and update-separable M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 7 / 11

  12. Properties for Tree Topologies Precedence Actions synchronised with children actions occur before the other ones Root-directed Synchronisation Tree Precedence is satisfied for the whole tree Update separability ◮ a variable is updated in at most one component ◮ it is tested only in the ancestors of this component in the tree ADTrees topologies are root-directed and update-separable M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 7 / 11

  13. Layered Reduction for Trees ? out 1 ? out 2 v ≥ 0 l 0 l 1 l 2 M F ? in 2 ? in 3 ? in 1 l 0 l 1 l 0 l 1 l 2 M N 1 M N 2 ! out 1 ? in 4 ! out 2 ! in 1 ! in 4 ! in 2 ! in 3 l 0 l 0 l 1 l 2 l 0 v := 1 M C 1 M C 2 M C 3 State space size Full: 14 states, 19 edges Reduced: 12 states, 14 edges M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 8 / 11

  14. Layered Reduction for Trees ? out 1 ? out 2 , d 1 := d 1 + 2 v ≥ 0 l 0 l 1 l 2 M F ? in 3 , d 2 := d 2 + 2 ? in 2 ? in 1 , d 2 := d 2 + 1 l 0 l 1 l 0 l 1 l 2 M N 1 M N 2 ! out 1 ? in 4 , d 2 := d 2 + 2 ! out 2 ! in 1 ! in 4 ! in 2 ! in 3 l 0 l 0 l 1 l 2 l 0 v := 1 M C 1 M C 2 M C 3 State space size Full: 14 states, 19 edges Reduced: 12 states, 14 edges M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 8 / 11

  15. Layered Reduction for Trees ? out 1 ? out 2 , d 1 := d 1 + 2 v ≥ 0 l 0 l 1 l 2 M F ? in 3 , d 2 := d 2 + 2 ? in 2 ? in 1 , d 2 := d 2 + 1 l 0 l 1 l 0 l 1 l 2 M N 1 M N 2 d 2 = 3 , ! out 1 ? in 4 , d 2 := d 2 + 2 d 2 = 3 , ! out 2 ! in 1 ! in 4 ! in 2 ! in 3 l 0 l 0 l 1 l 2 l 0 v := 1 M C 1 M C 2 M C 3 State space size Full: 14 states, 19 edges Reduced: 12 states, 14 edges M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 8 / 11

  16. Layered Reduction for Trees ? out 1 ? out 2 , d 1 := d 1 + 2 v ≥ 0 l 0 l 1 l 2 M F ? in 3 , d 2 := d 2 + 2 ? in 2 ? in 1 , d 2 := d 2 + 1 l 0 l 1 l 0 l 1 l 2 M N 1 M N 2 d 2 = 3 , ! out 1 ? in 4 , d 2 := d 2 + 2 d 2 = 3 , ! out 2 ! in 1 ! in 4 ! in 2 ! in 3 l 0 l 0 l 1 l 2 l 0 v := 1 M C 1 M C 2 M C 3 State space size Full: 14 states, 19 edges Reduced: 12 states, 14 edges M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 8 / 11

  17. Experiments Experimental setup ◮ model-checker IMITATOR (http://imitator.fr) ◮ 2 . 7 GHz Intel Core i7, with 16 GB of memory ◮ timeout of 30 minutes Some case studies applying both reductions vs. patterns vs. full Case study % size % reduction % size % reduction treasure-hunters 47 . 44 % 52 . 56 % 13 . 26 % 86 . 74 % forestall 24 . 97 % 75 . 03 % 2 . 37 % 97 . 63 % iot-dev 40 . 90 % 59 . 10 % 8 . 53 % 91 . 47 % gain-admin No Timeout! M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 9 / 11

  18. Experiments Experimental setup ◮ model-checker IMITATOR (http://imitator.fr) ◮ 2 . 7 GHz Intel Core i7, with 16 GB of memory ◮ timeout of 30 minutes Some case studies applying both reductions vs. patterns vs. full Case study % size % reduction % size % reduction treasure-hunters 47 . 44 % 52 . 56 % 13 . 26 % 86 . 74 % forestall 24 . 97 % 75 . 03 % 2 . 37 % 97 . 63 % iot-dev 40 . 90 % 59 . 10 % 8 . 53 % 91 . 47 % gain-admin No Timeout! M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 9 / 11

  19. Scaling up Experiments Scalability of different reductions (2 child nodes) 10000000 1000000 100000 10000 1000 100 10 1 depth 4 4 6 8 4 6 8 10 4 6 8 10 4 6 8 10 4 6 8 4 6 4 4 width 2 3 3 3 4 4 4 4 5 5 5 5 6 6 6 6 7 7 7 8 8 9 10 ADT nodes 7 9 13 15 11 15 17 23 13 17 19 25 15 19 21 27 17 21 23 19 23 21 23 both S both T patterns S patterns T layers S layers T no reduction S no reduction T M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 10 / 11

  20. Conclusion & Perspectives Summary ◮ A framework for model-checking systems that manipulate data ◮ Layered reduction approach to harness state space explosion ◮ Gains confirmed by extensive experiments on Attack-Defence Trees Future work ◮ Extend the approach to DAGs ◮ Take into account the assignment of agents to ADTree nodes ◮ Study other application domains exhibiting such topologies (e.g. workflows) ◮ Use as a basis for a compositional and parallel analysis M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 11 / 11

Recommend

New Defence Perspective New Defence Perspective New Defence Perspective New Defence Perspective

New Defence Perspective New Defence Perspective New Defence Perspective New Defence Perspective

New Defence Perspective New Defence Perspective New Defence Perspective New Defence Perspective Innovative technology, knowledge, problem solving are critical for Canada and its allies to mitigate new threats, stay ahead of potential

469 views • 18 slides
Covert channels in TCP/IP: attack and defence The creation and detection of TCP/IP steganography

Covert channels in TCP/IP: attack and defence The creation and detection of TCP/IP steganography

Covert channels in TCP/IP: attack and defence The creation and detection of TCP/IP steganography for covert channels and device fingerprinting Steven J. Murdoch and Stephen Lewis http://www.cl.cam.ac.uk/users/ { sjm217 , srl32 } Computer

1.12k views • 37 slides
Covert channels in TCP/IP: attack and defence The creation and detection of TCP/IP steganography

Covert channels in TCP/IP: attack and defence The creation and detection of TCP/IP steganography

Covert channels in TCP/IP: attack and defence The creation and detection of TCP/IP steganography for covert channels and device fingerprinting Steven J. Murdoch and Stephen Lewis http://www.cl.cam.ac.uk/users/ { sjm217 , srl32 } Computer

915 views • 36 slides
Squeezing Information from Data at Exascale Joel Saltz Emory University Georgia Tech Squeezing

Squeezing Information from Data at Exascale Joel Saltz Emory University Georgia Tech Squeezing

Squeezing Information from Data at Exascale Joel Saltz Emory University Georgia Tech Squeezing Information from Temporal Spatial Datasets Leverage exascale data and 2 computer resources to squeeze the most out of image, sensor or

642 views • 36 slides
Study and experiment on the alternative technique of frequencydependent squeezing generation

Study and experiment on the alternative technique of frequencydependent squeezing generation

Study and experiment on the alternative technique of frequencydependent squeezing generation with EPR entanglement for next generation of gravitational wave detectors. Mateusz Bawaj on behalf of Virgo squeezing team Noise sources in Adv

248 views • 11 slides
Making choices in multi-dimensional parameter spaces PhD thesis defence Steven Bergner Model

Making choices in multi-dimensional parameter spaces PhD thesis defence Steven Bergner Model

Making choices in multi-dimensional parameter spaces PhD thesis defence Steven Bergner Model adjustment at different levels User-driven experimentation: Use cases for paraglide Criteria optimization: Lighting design Theoretical

1.98k views • 143 slides
WELCOME Les Shearn Alliance Facilitator Defence Teaming Centre Defence Industry Liaison

WELCOME Les Shearn Alliance Facilitator Defence Teaming Centre Defence Industry Liaison

WELCOME Les Shearn Alliance Facilitator Defence Teaming Centre Defence Industry Liaison Officer - Defence SA 1 DEFENCE SA A SOUTH AUSTRALIAN GOVERNMENT AGENCY MISSION Facilitate the growth of Defence and sustainable defence industries in

457 views • 13 slides
Lecture 1: Trees, tree metric and tree spaces Piotr Zwiernik University of Genoa Algebraic

Lecture 1: Trees, tree metric and tree spaces Piotr Zwiernik University of Genoa Algebraic

Introduction Trees Tree metrics Phylogenetic oranges Tree correlations Further concepts Lecture 1: Trees, tree metric and tree spaces Piotr Zwiernik University of Genoa Algebraic Statistics 2015 Genova June 11, 2015 Lecture 1: Trees,

976 views • 85 slides
Assisted Generation of Attack Trees : the ATSyRAprototype Sophie Pinchinat joint work with

Assisted Generation of Attack Trees : the ATSyRAprototype Sophie Pinchinat joint work with

Assisted Generation of Attack Trees : the ATSyRAprototype Sophie Pinchinat joint work with Mathieu Acher and Didier Vojtisek Universit e de Rennes 1 GraMSec, 13 July 2015 Outline Introductory example 1 Goal decomposition High-level

798 views • 32 slides
Search in State Spaces 26th September 2019 Petter Kristiansen Search in State Spaces Many

Search in State Spaces 26th September 2019 Petter Kristiansen Search in State Spaces Many

Search in State Spaces 26th September 2019 Petter Kristiansen Search in State Spaces Many problems can be solved by using some form of search in a state space. We look at the following methods: Backtracking (Ch. 10)

476 views • 44 slides
Decision Trees and Nave Bayes 3/29/17 Hypothesis Spaces Decision Trees and K-Nearest

Decision Trees and Nave Bayes 3/29/17 Hypothesis Spaces Decision Trees and K-Nearest

Decision Trees and Nave Bayes 3/29/17 Hypothesis Spaces Decision Trees and K-Nearest Neighbors Continuous inputs Discrete outputs Nave Bayes Discrete inputs Discrete outputs Building a Decision Tree Greedy algorithm:

468 views • 17 slides
HOROCYCLIC PRODUCTS OF TREES AND HYPERBOLIC SPACES Wolfgang WOESS Graz University of Technology,

HOROCYCLIC PRODUCTS OF TREES AND HYPERBOLIC SPACES Wolfgang WOESS Graz University of Technology,

HOROCYCLIC PRODUCTS OF TREES AND HYPERBOLIC SPACES Wolfgang WOESS Graz University of Technology, Austria (No kangaroos in Austria !) 1 1. Treebolic spaces H = { x + i y : x R , y > 0 } hyperbolic upper half space, T = T q homogeneous

519 views • 19 slides
( ( ) ) ( ) ( ) = = Work = h log t n B- B -Trees Trees B B- -Trees

( ( ) ) ( ) ( ) = = Work = h log t n B- B -Trees Trees B B- -Trees

B- B -Trees Trees B B- -Trees Trees Search for key R ( ( ) ) ( ) ( ) = = Work = h log t n B- B -Trees Trees B B- -Trees Trees Each Disk-Read or Disk-Write = one Basic unit of work O(1) Typical Node x

287 views • 4 slides
Causal Model Extraction from Attack Trees to Attribute Malicious Insider Attacks Amjad Ibrahim,

Causal Model Extraction from Attack Trees to Attribute Malicious Insider Attacks Amjad Ibrahim,

Causal Model Extraction from Attack Trees to Attribute Malicious Insider Attacks Amjad Ibrahim, Simon Rehwald, Antoine Scemama, Florian Andres, Alexander Pretschner Technische Universitt Mnchen Department of Informatics Chair of Software

512 views • 24 slides
Combinatorics of spaces of trees: an application of topology to phylogenetics Curran N. McConnell

Combinatorics of spaces of trees: an application of topology to phylogenetics Curran N. McConnell

Combinatorics of spaces of trees: an application of topology to phylogenetics Curran N. McConnell Dalhousie University Categorical Approaches to Topology and Geometry, CMS Summer Meeting 2019 How phylogenetics works Discover when species

719 views • 56 slides
6.1 Representation of State Spaces 5.7. Foundations 5. State Spaces 6.

6.1 Representation of State Spaces 5.7. Foundations 5. State Spaces 6.

Foundations of Artificial Intelligence March 4, 2016 6. State-Space Search: Representation of State Spaces Foundations of Artificial Intelligence 6.1 Representation of State Spaces 6. State-Space Search: Representation of State Spaces 6.2

188 views • 4 slides
Prediction in kernelized output spaces: output kernel trees and ensemble methods Pierre Geurts

Prediction in kernelized output spaces: output kernel trees and ensemble methods Pierre Geurts

Prediction in kernelized output spaces: output kernel trees and ensemble methods Pierre Geurts Florence dAlchBuc IBISC CNRS, Universit dEvry, GENOPOLE, Evry, France Department of EE and CS, University of Lige, Belgium 25 janvier

631 views • 52 slides
Improved Cryptanalysis of Py Paul Crowley LShift Ltd State of the Art in Stream Ciphers 2006 Py

Improved Cryptanalysis of Py Paul Crowley LShift Ltd State of the Art in Stream Ciphers 2006 Py

Py SPP attack Improving on the attack Improved Cryptanalysis of Py Paul Crowley LShift Ltd State of the Art in Stream Ciphers 2006 Py SPP attack Improving on the attack Py eSTREAM entrant by Eli Biham and Jennifer Seberry Fast in

870 views • 38 slides
Proof mining in -trees and hyperbolic spaces Laurent iu Leus tean TU Darmstadt, Germany

Proof mining in -trees and hyperbolic spaces Laurent iu Leus tean TU Darmstadt, Germany

1 Proof mining in -trees and hyperbolic spaces Laurent iu Leus tean TU Darmstadt, Germany and Institute of Mathematics Simion Stoilow of the Romanian Academy

237 views • 22 slides
Japan: Defence and Security Strategic Aim: to be the second closest international defence

Japan: Defence and Security Strategic Aim: to be the second closest international defence

Japan: Defence and Security Strategic Aim: to be the second closest international defence equipment partner with Japan after the United States How? create a genuine two-way street of defence equipment cooperation including direct

910 views • 18 slides
ASPI-UNISYS Defence and Security Luncheon 26 May 2011 The 2011-12 Defence Budget Mark

ASPI-UNISYS Defence and Security Luncheon 26 May 2011 The 2011-12 Defence Budget Mark

ASPI-UNISYS Defence and Security Luncheon 26 May 2011 The 2011-12 Defence Budget Mark Thomson This years defence budget caused considerable alarm in some quarters. One commentator said that cuts to the defence budget announced

599 views • 13 slides
Attack on Traffic Systems These attack examples have happened in the past. We will take an

Attack on Traffic Systems These attack examples have happened in the past. We will take an

From start to finish how a cyber attack would be performed on traffic system, we will go over first day >> exploitation of the device >> the real-world aftermath. Mission Secure, Inc. Attack on Traffic Systems These attack examples

556 views • 18 slides
ED EDA A Defence ence Pr Procureme curement nt Ga Gate teway ED EDA Defence ence

ED EDA A Defence ence Pr Procureme curement nt Ga Gate teway ED EDA Defence ence

ED EDA A Defence ence Pr Procureme curement nt Ga Gate teway ED EDA Defence ence Procurem rocurement ent Ga Gateway EDA Defence Procurement Gateway Defence Procurement Defence Procurement Information Hub Opportunities Hub EU

325 views • 4 slides
Current Trends in Cyber Security Course on Cyber Attack Detection & Mitigation Techniques

Current Trends in Cyber Security Course on Cyber Attack Detection & Mitigation Techniques

Current Trends in Cyber Security Course on Cyber Attack Detection & Mitigation Techniques (NIT-K) S. K. Pal Defence Research & Development Organization (DRDO) SAG, Metcalfe House, Delhi 27-Jul-2020 1 What is Cyberspace? Refers to

766 views • 17 slides

More recommend