28,971 research outputs found
How to Generate Security Cameras: Towards Defence Generation for Socio-Technical Systems
Recently security researchers have started to look into automated generation
of attack trees from socio-technical system models. The obvious next step in
this trend of automated risk analysis is automating the selection of security
controls to treat the detected threats. However, the existing socio-technical
models are too abstract to represent all security controls recommended by
practitioners and standards. In this paper we propose an attack-defence model,
consisting of a set of attack-defence bundles, to be generated and maintained
with the socio-technical model. The attack-defence bundles can be used to
synthesise attack-defence trees directly from the model to offer basic
attack-defence analysis, but also they can be used to select and maintain the
security controls that cannot be handled by the model itself.Comment: GraMSec 2015, 16 page
Identifying Security-Critical Cyber-Physical Components in Industrial Control Systems
In recent years, Industrial Control Systems (ICS) have become an appealing
target for cyber attacks, having massive destructive consequences. Security
metrics are therefore essential to assess their security posture. In this
paper, we present a novel ICS security metric based on AND/OR graphs that
represent cyber-physical dependencies among network components. Our metric is
able to efficiently identify sets of critical cyber-physical components, with
minimal cost for an attacker, such that if compromised, the system would enter
into a non-operational state. We address this problem by efficiently
transforming the input AND/OR graph-based model into a weighted logical formula
that is then used to build and solve a Weighted Partial MAX-SAT problem. Our
tool, META4ICS, leverages state-of-the-art techniques from the field of logical
satisfiability optimisation in order to achieve efficient computation times.
Our experimental results indicate that the proposed security metric can
efficiently scale to networks with thousands of nodes and be computed in
seconds. In addition, we present a case study where we have used our system to
analyse the security posture of a realistic water transport network. We discuss
our findings on the plant as well as further security applications of our
metric.Comment: Keywords: Security metrics, industrial control systems,
cyber-physical systems, AND-OR graphs, MAX-SAT resolutio
Impact estimation using data flows over attack graphs
We propose a novel approach to estimating the impact of an attack using a data model and an impact model on top of an attack graph. The data model describes how data flows between nodes in the network -- how it is copied and processed by softwares and hosts -- while the impact model models how exploitation of vulnerabilities affects the data flows with respect to the confidentiality, integrity and availability of the data. In addition, by assigning a loss value to a compromised data set, we can estimate the cost of a successful attack. We show that our algorithm not only subsumes the simple impact estimation used in the literature but also improves it by explicitly modeling loss value dependencies between network nodes. With our model, the operator will be able to use less time when comparing different security patches to a network
- …