sysml sec attack graphs compact representations for
play

SysML-Sec Attack Graphs: Compact Representations for Complex Attacks - PowerPoint PPT Presentation

Jul 10, 2023 •234 likes •470 views

SysML-Sec Attack Graphs: Compact Representations for Complex Attacks Institut Ludovic Apvrille Mines-Telecom ludovic.apvrille@telecom-paristech.fr Yves Roudier yves.roudier@eurecom.fr GraMSec2015 Context: Security for Embedded Systems

  1. SysML-Sec Attack Graphs: Compact Representations for Complex Attacks Institut Ludovic Apvrille Mines-Telecom ludovic.apvrille@telecom-paristech.fr Yves Roudier yves.roudier@eurecom.fr GraMSec’2015

  2. Context: Security for Embedded Systems Attack trees Contribution Conclusion Outline Context: Security for Embedded Systems Embedded systems SysML-Sec Attack trees Contribution Conclusion 2/23 July, 2015 Institut Mines-Telecom

  3. Context: Security for Embedded Systems Attack trees Contribution Conclusion Examples of Threats Transport systems Use of exploits in Flight Management System (FMS) to control ADS-B/ACARS [Teso 2013] Internet of Things (C) aviationweek.com Proof of concept of attack on IZON camera [Stanislav 2013] Medical appliances Infusion pump vulnerability, April 2015. http://www.scip.ch/en/?vuldb.75158 (C) Hospira 3/23 July, 2015 Institut Mines-Telecom

  4. Context: Security for Embedded Systems Attack trees Contribution Conclusion Designing Safe and Secure Embedded Systems: SysML-Sec Main idea ◮ Holistic approach : bring together experts in embedded system architects, system designers and security experts Common issues (addressed by SysML-Sec): ◮ Adverse effects of security over safety/real-time/performance properties ◮ Commonly: only the design of security mechanisms ◮ Hardware/Software partitioning ◮ Commonly: no support for this in tools/approaches in MDE and security approaches 4/23 July, 2015 Institut Mines-Telecom

  5. Context: Security for Embedded Systems Attack trees Contribution Conclusion SysML-Sec: Methodology Functional view Architectural view Functional view Architectural view Simulation Formal analysis Requirements Mapping view Requirements Mapping view Simulation Formal analysis SW/HW Partitioning Attacks Attacks Simulation Formal analysis Simulation Structural view Behavioral view Structural view Behavioral view Formal analysis Deployment view Test Deployment view System Design System Design Fully supported by TTool 5/23 July, 2015 Institut Mines-Telecom

  6. Context: Security for Embedded Systems Attack trees Contribution Conclusion Outline Context: Security for Embedded Systems Attack trees Attack trees Contribution Conclusion 6/23 July, 2015 Institut Mines-Telecom

  7. Context: Security for Embedded Systems Attack trees Contribution Conclusion Google-izing Attack Trees 7/23 July, 2015 Institut Mines-Telecom

  8. Context: Security for Embedded Systems Attack trees Contribution Conclusion Attack Trees Definition and purpose ◮ Originate from fault trees, introduced by Bruce Schneier (1999) ◮ Depict how a system element can be attacked ◮ Helps finding attack countermeasures ◮ Root attack, children, leaves ◮ OR and AND relations between children 8/23 July, 2015 Institut Mines-Telecom

  9. Context: Security for Embedded Systems Attack trees Contribution Conclusion Attack Trees: Related Work ◮ Generation of ATs from other formalisms [Vigo 2014] ◮ Semantics extensions ◮ [Khand 2009] ◮ PAND , k-out-of-n , CSUB , SEQ , . . . ◮ [Zhao 2014] ◮ Permissions and capabilities on nodes ◮ Applied to malware analysis ◮ Security assessment ◮ Privilege graphs [Dacier 1996] ◮ Petri nets [Dalton 2006] [Pudar 2009] ◮ Markov processes [Pi` etre-Cambac´ ed` es 2010] 9/23 July, 2015 Institut Mines-Telecom

  10. Context: Security for Embedded Systems Attack trees Contribution Conclusion Attack Trees: A Few Issues Semantics Relation with other development stages ◮ Semantics of AND and OR is limited to express complex ◮ No relation with (security) attack scenarios requirements ◮ No ordering between ◮ More generally, not attacks integrated into ◮ No temporal operators methodologies ◮ No relation between attacks and the HW/SW components of the system ◮ Difficult to figure out the where and which of countermeasures 10/23 July, 2015 Institut Mines-Telecom

  11. Context: Security for Embedded Systems Attack trees Contribution Conclusion Outline Context: Security for Embedded Systems Attack trees Contribution New operators Conclusion 11/23 July, 2015 Institut Mines-Telecom

  12. Context: Security for Embedded Systems Attack trees Contribution Conclusion Overview (with an Example) <<block>> AttackerSystem <<block>> AttackerPC <<root attack>> IllegalBankAccountTransactionBasedOnT oken ◮ SysML Parametric <<SEQUENCE>> 1 2 <<block>> AttackerWebServer diagram <<attack>> <<attack>> LogOnBankAccount PerformT okenBasedAuthentication <<attack>> GenerateFakeBankWebsite ◮ Asset = Block <<attack>> <<BEFORE>> 2 SendTANT oServer 120 1 ◮ Attacks = <<block>> <<attack>> AttackedSystem <<block>> RetrieveUserLoginAndPassword UserMobilePhone_Android <<AND>> Attributes of blocks <<attack>> <<block>> RetrieveTransactionTAN UserPC ◮ Relation between <<attack>> <<attack>> InstallKeyLogger ControlFakeHTTPBankURL <<SEQUENCE>> 1 2 attacks = <<block>> Browser <<attack>> <<block>> SilentlyInterceptSMS Windows_Win32 <<attack>> Constraints InstallMaliciousPlugin <<attack>> <<attack>> InstallTrojan UserInstallsFakeBankApplication <<attack>> ◮ Formal semantics RedirectHTTPRequestFromBankT oFakeBank <<attack>> 1 ExploitVulnerability <<attack>> <<SEQUENCE>> 2 RequestUserT oInstallMobileFakeBankApplication ◮ Timed automata <<XOR>> <<attack>> ExploitVunerability <<block>> <<attack>> OtherSoftwareApplications ExploitVulnerability 12/23 July, 2015 Institut Mines-Telecom

  13. Context: Security for Embedded Systems Attack trees Contribution Conclusion Semantics ◮ Attacks ◮ Intermediate attacks ◮ Root attack ◮ Constraints ◮ AND, OR, XOR, SEQUENCE, BEFORE, AFTER 13/23 July, 2015 Institut Mines-Telecom

  14. Context: Security for Embedded Systems Attack trees Contribution Conclusion Semantics of Attacks Attack Intermediate Attack 14/23 July, 2015 Institut Mines-Telecom

  15. Context: Security for Embedded Systems Attack trees Contribution Conclusion Semantics of Constraints AND SEQUENCE 15/23 July, 2015 Institut Mines-Telecom

  16. Context: Security for Embedded Systems Attack trees Contribution Conclusion Semantics of Constraints (Cont.) OR XOR 16/23 July, 2015 Institut Mines-Telecom

  17. Context: Security for Embedded Systems Attack trees Contribution Conclusion Semantics of Constraints (Cont.) BEFORE AFTER 17/23 July, 2015 Institut Mines-Telecom

  18. Context: Security for Embedded Systems Attack trees Contribution Conclusion Formal Verification ◮ Reachability of an attack a ◮ Liveness of an attack a ◮ a 1 Leads to a 2 ( a 1 � a 2 ) 18/23 July, 2015 Institut Mines-Telecom

  19. Context: Security for Embedded Systems Attack trees Contribution Conclusion Disabling Attacks ◮ Right click to disable/enable an attack <<block>> UserMobilePhone_Android <<attack>> RetrieveTransactionTAN <<SEQUENCE>> 1 2 <<attack>> SilentlyInterceptSMS disabled <<attack>> UserInstallsFakeBankApplication 19/23 July, 2015 Institut Mines-Telecom

  20. Context: Security for Embedded Systems Attack trees Contribution Conclusion Temporal Compatibility ◮ Temporal constraints may impact attacks reachability/liveness <<attack>> final <<BEFORE>> 10 1 2 <<AFTER>> <<attack>> 15 attack01 1 2 <<attack>> <<attack>> attack03 attack02 20/23 July, 2015 Institut Mines-Telecom

  21. Context: Security for Embedded Systems Attack trees Contribution Conclusion Outline Context: Security for Embedded Systems Attack trees Contribution Conclusion Conclusion, future work and references 21/23 July, 2015 Institut Mines-Telecom

  22. Context: Security for Embedded Systems Attack trees Contribution Conclusion Conclusion and Future Work Achievements ◮ Extended and formally defined attack trees ◮ Integrated into SysML-Sec ◮ Fully supported by TTool ◮ Applied to different domains, e.g., malware, automotive systems Future work ◮ Handling new situations ◮ Cycles, nb of iterations, priorities ◮ Quantitative assessments of threats 22/23 July, 2015 Institut Mines-Telecom

  23. Context: Security for Embedded Systems Attack trees Contribution Conclusion To Go Further ... Web sites ◮ https://sysml-sec.telecom-paristech.fr ◮ https://ttool.telecom-paristech.fr References (SysML-Sec) ◮ Ludovic Apvrille, Yves Roudier, ”SysML-Sec: A SysML Environment for the Design and Development of Secure Embedded Systems”, Proceedings of the INCOSE/APCOSEC 2013 Conference on system engineering, Yokohama, Japan, September 8-11, 2013. 23/23 July, 2015 Institut Mines-Telecom

Recommend

SysML Overview Draft Update SysML Partners www.sysml.org OMG SE DSIG Meeting April 27, 2004

SysML Overview Draft Update SysML Partners www.sysml.org OMG SE DSIG Meeting April 27, 2004

SysML Overview Draft Update SysML Partners www.sysml.org OMG SE DSIG Meeting April 27, 2004 Objectives Describe SysML approach for customizing UML 2 to satisfy UML for SE RFP requirements Material is In Process based on current

1.7k views • 119 slides
Introduction Attack Graphs Model Creation Analysis of Attack Graphs

Introduction Attack Graphs Model Creation Analysis of Attack Graphs

EVA Evolutionary Vulnerability Analyzer A Framework for Network Analysis and Risk Assessment Dr. Melissa Danforth Department of Computer Science California State University, Bakersfield Introduction Attack Graphs Model Creation

684 views • 50 slides
Graphs and their representations After this lesson, you should be able to define the

Graphs and their representations After this lesson, you should be able to define the

Review Re A E C F B D Graphs and their representations After this lesson, you should be able to define the major terminology relating to graphs implement a graph in code, using various conventions https :// www.google.com /

567 views • 22 slides
Graphs and their representations After this lesson, you should be able to define the

Graphs and their representations After this lesson, you should be able to define the

A E C F B D Graphs and their representations After this lesson, you should be able to define the major terminology relating to graphs implement a graph in code, using various conventions

233 views • 21 slides
A Compact Representation for Chordal Chordal Graphs Graphs A Compact Representation for Lilian

A Compact Representation for Chordal Chordal Graphs Graphs A Compact Representation for Lilian

A Compact Representation for Chordal Chordal Graphs Graphs A Compact Representation for Lilian Markenzon Lilian Markenzon N cleo de Computa cleo de Computa o Eletrnica o Eletrnica N Universidade Federal do Rio de Janeiro,

437 views • 27 slides
Towards Compact and Tractable Automaton-based Representations of Time Granularities Ugo Dal Lago

Towards Compact and Tractable Automaton-based Representations of Time Granularities Ugo Dal Lago

Towards Compact and Tractable Automaton-based Representations of Time Granularities Ugo Dal Lago 1 , Angelo Montanari 2 , and Gabriele Puppis 2 1 Dipartimento di Scienze dellInformazione, Universit` a di Bologna Mura Anteo Zamboni 7, 40127

342 views • 21 slides
A Bayesian Approach to Finding Compact Representations for Reinforcement Learning Special thanks

A Bayesian Approach to Finding Compact Representations for Reinforcement Learning Special thanks

A Bayesian Approach to Finding Compact Representations for Reinforcement Learning Special thanks to Joelle Pineau for presenting our paper - July, 2012 1 Authors Alborz Geramifard Stefanie Tellex David Wingate Nicholas Roy Jonathan How 2

491 views • 25 slides
Graphs and their representations After this lesson, you should be able to explain what

Graphs and their representations After this lesson, you should be able to explain what

Graphs and their representations After this lesson, you should be able to explain what makes a graph different than a tree implement simple graph algorithms https://www.google.com/maps/preview#!data=!1m4!1m3!1d989355!2d-

505 views • 15 slides
Graphs Introduction Types Classes Slides by Christopher M. Bourke Representations Instructor:

Graphs Introduction Types Classes Slides by Christopher M. Bourke Representations Instructor:

Graphs CSE235 Graphs Introduction Types Classes Slides by Christopher M. Bourke Representations Instructor: Berthe Y. Choueiry Isomorphism Connectivity Euler &amp; Hamiltonian Spring 2006 Computer Science &amp; Engineering 235

783 views • 56 slides
Pixel &amp; Voxel Representations of Graphs Md. Jawaherul Alam Tiomas Blsius Ignaz Rutuer

Pixel &amp; Voxel Representations of Graphs Md. Jawaherul Alam Tiomas Blsius Ignaz Rutuer

Northridge, Los Angeles September 26, 2015 Graph Drawing Pixel &amp; Voxel Representations of Graphs Md. Jawaherul Alam Tiomas Blsius Ignaz Rutuer Torsuen Ueckerdt Alexander Wolff . Motivation Build contact representation of graphs

1.49k views • 87 slides
Pixel &amp; Voxel Representations of Graphs Md. Jawaherul Alam Tiomas Blsius Ignaz Rutuer

Pixel &amp; Voxel Representations of Graphs Md. Jawaherul Alam Tiomas Blsius Ignaz Rutuer

Northridge, Los Angeles September 26, 2015 Graph Drawing Pixel &amp; Voxel Representations of Graphs Md. Jawaherul Alam Tiomas Blsius Ignaz Rutuer Torsuen Ueckerdt Alexander Wolff . Motivation Build contact representation of graphs

1.65k views • 88 slides
Maps A map is an equivalence class of labeled graphs embedded on a compact Riemann surface.

Maps A map is an equivalence class of labeled graphs embedded on a compact Riemann surface.

Maps A map is an equivalence class of labeled graphs embedded on a compact Riemann surface. Equivalent if an orientation preserving homeomorphism of the surface takes one graph to the other. Map condition the graphs complement must be

294 views • 12 slides
Attack Graphs Systems and Internet Infrastructure Security (SIIS) Laboratory Page 1 Outline Attack

Attack Graphs Systems and Internet Infrastructure Security (SIIS) Laboratory Page 1 Outline Attack

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Attack Graphs Systems and Internet Infrastructure Security (SIIS)

1.06k views • 60 slides
Contact Representations of Planar Graphs Graduiertenkolleg MDS TU Berlin April 20., 2015 Stefan

Contact Representations of Planar Graphs Graduiertenkolleg MDS TU Berlin April 20., 2015 Stefan

Contact Representations of Planar Graphs Graduiertenkolleg MDS TU Berlin April 20., 2015 Stefan Felsner felsner@math.tu-berlin.de Overview A Survey of Results and Problems Straight Line Triangle Representations Discs a a b b c c

528 views • 49 slides
New Geometric Representations and Domination Problems on Tolerance and Multitolerance Graphs

New Geometric Representations and Domination Problems on Tolerance and Multitolerance Graphs

New Geometric Representations and Domination Problems on Tolerance and Multitolerance Graphs Archontia Giannopoulou George B. Mertzios School of Engineering and Computing Sciences, Durham University, UK Algorithmic Graph Theory on the Adriatic

1.04k views • 83 slides
Old and New Challenges in Coloring Graphs with Geometric Representations Bartosz Walczak

Old and New Challenges in Coloring Graphs with Geometric Representations Bartosz Walczak

Old and New Challenges in Coloring Graphs with Geometric Representations Bartosz Walczak Jagiellonian University Krakw, Poland The 27th International Symposium on Graph Drawing and Network Visualization Chromatic number, denoted :

978 views • 72 slides
Graphical representations of a corpus, and clustering on graphs University of Birmingham, 11

Graphical representations of a corpus, and clustering on graphs University of Birmingham, 11

Graphical representations of a corpus, and clustering on graphs University of Birmingham, 11 February 2016 Yves van Gennip (University of Nottingham) Joint work with R. Carrington, A. Hennessey, M. Mahlberg, S. Preston, K. Severn, V. Wiegand

398 views • 12 slides
A Massively Scalable Architecture for Learning Representations from Heterogeneous Graphs NVIDIA

A Massively Scalable Architecture for Learning Representations from Heterogeneous Graphs NVIDIA

A Massively Scalable Architecture for Learning Representations from Heterogeneous Graphs NVIDIA GPU Technology Conference 2019 - San Jose, CA C. Bayan Bruss Anish Khazane 1. Overview &amp; Background TODAYS TALK 2. Our Approach How to

680 views • 54 slides
Weak Unit Disk Contact Representations for Graphs without Embedding Jonas Cleve, Freie

Weak Unit Disk Contact Representations for Graphs without Embedding Jonas Cleve, Freie

Weak Unit Disk Contact Representations for Graphs without Embedding Jonas Cleve, Freie Universitt Berlin EuroCG 2020 March 1618 Wrzburg, Germany Unit Disk Contact Representations Unit disk contact representation (UDCR) of G = ( V ,

823 views • 71 slides
Introduction to UML and SysML Mark Austin E-mail: austin@isr.umd.edu Institute for Systems

Introduction to UML and SysML Mark Austin E-mail: austin@isr.umd.edu Institute for Systems

ENES 489P Hands-On Systems Engineering Projects Introduction to UML and SysML Mark Austin E-mail: austin@isr.umd.edu Institute for Systems Research, University of Maryland, College Park p. 1/75 Systems Engineering with UML and SysML

1.13k views • 75 slides
Geometric representations of planar graphs and maps Eric Fusy (CNRS/LIX) Summer school on

Geometric representations of planar graphs and maps Eric Fusy (CNRS/LIX) Summer school on

Geometric representations of planar graphs and maps Eric Fusy (CNRS/LIX) Summer school on random geometry, Bogota, may 2016 Overview of the course Planar graphs and planar maps - structural aspects 1 1 2 2 2 2 3 3 -

1.74k views • 160 slides
Minimal Representations of Order Types by Geometric Graphs Aichholzer 1 , Balko 2 , Hoffmann 3 ,

Minimal Representations of Order Types by Geometric Graphs Aichholzer 1 , Balko 2 , Hoffmann 3 ,

Minimal Representations of Order Types by Geometric Graphs Aichholzer 1 , Balko 2 , Hoffmann 3 , Kyn cl 2 , Mulzer 4 , Parada 1 , Pilz 1,3 , Scheucher 5 , Valtr 2 , Vogtenhuber 1 , and Welzl 3 1 Graz University of Technology 2 Charles

961 views • 51 slides
Compact Drawings of 1-Planar Graphs with Right-Angle Crossings and Few Bends Steven Chaplick,

Compact Drawings of 1-Planar Graphs with Right-Angle Crossings and Few Bends Steven Chaplick,

Compact Drawings of 1-Planar Graphs with Right-Angle Crossings and Few Bends Steven Chaplick, Fabian Lipp, Alexander Wolff, and Johannes Zink Introduction: Beyond-Planar Graphs 2 Types of drawings: Planar: No crossings Introduction:

1.55k views • 139 slides
Executable Models and Verification from MARTE and SysML: a Comparative Study of Code Generation

Executable Models and Verification from MARTE and SysML: a Comparative Study of Code Generation

Introduction SysML MARTE Code Generation Conclusions and Remarks Executable Models and Verification from MARTE and SysML: a Comparative Study of Code Generation Capabilities Marcello Mura Amrit Panda Mauro Prevostini

721 views • 56 slides

More recommend