Towards Automating the Construction & Maintenance of Attack Trees: a Feasibility Study
Security risk management can be applied on well-defined or existing systems;
in this case, the objective is to identify existing vulnerabilities, assess the
risks and provide adequate countermeasures. Security risk management
can also be applied very early in the system's development life-cycle, when its
architecture is still poorly defined; in this case, the objective is to
positively influence the design work so as to produce a secure architecture
from the start. The latter work is made difficult by the uncertainties on the
architecture and the multiple round-trips required to keep the risk assessment
study and the system architecture aligned. This is particularly true for very
large projects running over many years. This paper addresses the issues raised
by those risk assessment studies performed early in the system's development
life-cycle. Based on industrial experience, it asserts that attack trees can
help solve the human cognitive scalability issue related to securing those
large, continuously changing system designs. However, big attack trees are
difficult to build, and even more difficult to maintain. This paper therefore
proposes a systematic approach to automate the construction and maintenance of
such big attack trees, based on the system's operational and logical
architectures, the system's traditional risk assessment study and a security
knowledge database.
Comment: In Proceedings GraMSec 2014, arXiv:1404.163
Model the System from Adversary Viewpoint: Threats Identification and Modeling
Security attacks are hard to understand and are often expressed with unfriendly and
limited details, making it difficult for security experts and security
analysts to create intelligible security specifications. For instance, it is
hard to explain why (the attack objective), what (i.e., the system assets, goals, etc.) and
how (the attack method) the adversary achieved their attack goals. In this paper we
introduce a security attack meta-model for our SysML-Sec framework, developed to
improve threat identification and modeling through the explicit
representation of security concerns with knowledge representation techniques.
Our proposed meta-model enables the specification of these concerns through
ontological concepts that define the semantics of the security artifacts
introduced using SysML-Sec diagrams. This meta-model also enables representing
the relationships that tie several such concepts together. This representation
is then used for reasoning about the knowledge introduced by system designers
as well as security experts through the graphical environment of the SysML-Sec
framework.
Comment: In Proceedings AIDP 2014, arXiv:1410.322
Adversarial behaviours knowledge area
The technological advancements witnessed by our society in recent decades have brought
improvements in our quality of life, but they have also created a number of opportunities for
attackers to cause harm. Before the Internet revolution, most crime and malicious activity
generally required a victim and a perpetrator to come into physical contact, and this limited
the reach that malicious parties had. Technology has removed the need for physical contact
to perform many types of crime, and now attackers can reach victims anywhere in the world, as long as they are connected to the Internet. This has revolutionised the characteristics of crime and warfare, allowing operations that would not have been possible before. In this document, we provide an overview of the malicious operations that are happening on the Internet today. We first provide a taxonomy of malicious activities based on the attacker's motivations and capabilities, and then move on to the technological and human elements that adversaries require to run a successful operation. We then discuss a number of frameworks that have been proposed to model malicious operations. Since adversarial behaviours are not a purely technical topic, we draw from research in a number of fields (computer science, criminology, war studies). While doing this, we discuss how these frameworks can be used by researchers and practitioners to develop effective mitigations against malicious online operations.
Tree defence and bark beetles in a drying world: carbon partitioning, functioning and modelling.
Drought has promoted large-scale, insect-induced tree mortality in recent years, with severe consequences for ecosystem function, atmospheric processes, sustainable resources and global biogeochemical cycles. However, the physiological linkages among drought, tree defences and insect outbreaks are still uncertain, hindering our ability to accurately predict tree mortality under ongoing climate change. Here we propose an interdisciplinary research agenda for addressing these crucial knowledge gaps. Our framework includes field manipulations, laboratory experiments and modelling of insect and vegetation dynamics, and focuses on how drought affects interactions between conifer trees and bark beetles. We build upon existing theory and examine several key assumptions: (1) there is a trade-off in tree carbon investment between primary and secondary metabolites (e.g. growth vs defence); (2) secondary metabolites are one of the main components of tree defence against bark beetles and associated microbes; and (3) implementing conifer-bark beetle interactions in current models improves predictions of forest disturbance in a changing climate. Our framework provides guidance for addressing a major shortcoming in current implementations of large-scale vegetation models: the under-representation of insect-induced tree mortality.
Appetite for self-destruction: suicidal biting as a nest defense strategy in Trigona stingless bees
Self-sacrificial behavior represents an extreme and relatively uncommon form of altruism in worker insects. It can occur, however, when inclusive fitness benefits are high, such as when defending the nest. We studied nest defense behaviors in stingless bees, which live in eusocial colonies subject to predation. We introduced a target flag to nest entrances to elicit defensive responses and quantified four measures of defensivity in 12 stingless bee species in São Paulo State, Brazil. These included three Trigona species, which are locally known for their aggression. Species varied significantly in their attack probability (cross-species range = 0–1, P < 0.001), attack latency (7.0–23.5 s, P = 0.002), biting duration of individual bees (3.5–508.7 s, P < 0.001), and number of attackers (1.0–10.8, P < 0.001). A "suicide" bioassay on the six most aggressive species determined the proportion of workers willing to suffer fatal damage rather than disengage from an intruder. All six species had at least some suicidal individuals (7–83 %, P < 0.001), reaching 83 % in Trigona hyalinata. Biting pain was positively correlated with an index of overall aggression (P = 0.002). Microscopic examination revealed that all three Trigona species had five sharp teeth per mandible, a possible defensive adaptation and cause of increased pain. Suicidal defense via biting is a new example of self-sacrificial altruism and has both parallels and differences with other self-sacrificial worker insects, such as the honey bee. Our results indicate that suicidal biting may be a widespread defense strategy in stingless bees, but it is not universal.
Building resilience into Sitka spruce (Picea sitchensis [Bong.] Carr.) forests in Scotland in response to the threat of climate change
Modelling escalation of attacks in federated identity management
PhD Thesis
Federated Identity Management (FIM) is an increasingly prevalent method for authenticating
users online. FIM offloads the authentication burden from a Service Provider (SP) to an Identity
Provider (IdP) that the SP trusts. The different entities involved in the FIM process are referred
to as stakeholders. The benefits of FIM to stakeholders are clear, such as the ability for users to
use Single Sign-On. However, the security of FIM also has to be evaluated. Attacks on one point in
a FIM system can lead to other attacks being possible, and detecting those attacks can be hard just
from modelling the functionality of the FIM system. Attacks in which the effect of one attack can
become the cause for another attack are referred to in this thesis as escalating attacks. The
overall research question this thesis revolves around is: how can we model escalating attacks to
detect attacks which are possible through an adversary first launching another attack, and present
the causality of attacks to the FIM stakeholders involved?
This thesis performs a survey of existing attacks in FIM. We categorise attacks on FIM using a
taxonomy of our own design. This survey is the first attempt at categorising attacks that target
FIM using a taxonomy. Some attacks can have an effect that causes another attack to be possible in
ways that are difficult to predict. We consider a case study involving OAuth 2.0 (provided by
existing literature), as a basis for modelling attack escalation.
We then seek to present a language for modelling FIM systems and attacker manipulations on those
systems. We find that FIM systems can be generalised for the purpose of a programmatic logical
analysis. In addition, attacker manipulations on a system can be broken down using an existing
conceptual framework called Malicious and Accidental Fault Tolerance (MAFTIA).
Using a generalised FIM system model and MAFTIA, we can express a complex interlinking of attacks
informed by case studies in FIM security analysis. This is the first attempt to model FIM systems
generally and apply logical analysis to that model.
Finally, we show how causality of attacks can be analysed using attack trees. We find that any
solutions to an escalating attack can be expressed using a tree model which conforms to existing
research on attack trees. Our approach is the first attempt at modelling attacks on FIM systems
through the use of attack trees. We consider stakeholder attribution and cost analysis as concrete
methods for analysing attack trees.
Classification hardness for supervised learners on 20 years of intrusion detection data
This article consolidates analysis of established (NSL-KDD) and new intrusion detection datasets (ISCXIDS2012, CICIDS2017, CICIDS2018) through the use of supervised machine learning (ML) algorithms. The uniformity of the analysis procedure opens up the option to compare the obtained results. It also provides a stronger foundation for conclusions about the efficacy of supervised learners on the main classification task in network security. This research is motivated in part by the lack of adoption of these modern datasets. The study starts with a broad scope, classifying with algorithms from different families on both established and new datasets, in order to expand the existing foundation and reveal the most opportune avenues for further inquiry. After obtaining baseline results, the classification task was increased in difficulty by reducing the available data to learn from, both horizontally and vertically. The data reduction has been included as a stress test to verify whether the very high baseline results hold up under increasingly harsh constraints. Ultimately, this work contains the most comprehensive set of results on the topic of intrusion detection through supervised machine learning. Researchers working on algorithmic improvements can compare their results to this collection, knowing that all results reported here were gathered through a uniform framework. This work's main contributions are the outstanding classification results on the current state-of-the-art datasets for intrusion detection and the conclusion that these methods show remarkable resilience in classification performance even when aggressively reducing the amount of data to learn from.