10 research outputs found

    Composite DoS attack model

    Preparation for potential threats is one of the most important phases in ensuring system security. It allows evaluating possible losses, changes in the attack process, the effectiveness of the countermeasures used, optimal system settings, etc. In cyberattack cases, executing real experiments can be difficult for many reasons. However, mathematical or programming models can be used instead of conducting experiments in a real environment. This work proposes a composite denial of service attack model that combines bandwidth exhaustion, filtering and memory depletion models for a more realistic representation of similar cyber-attacks. On the basis of the introduced model, different experiments were done. They showed the main dependencies of the influence of the attacker's and victim's properties on the success probability of a denial of service attack. In the future, this model can be used for denial of service attack or countermeasure optimization. Article in English. Jungtinis DoS atakų modelis. Summary. To prevent any threats to system security, one of the most important tasks is prevention. It makes it possible to anticipate potential dangers and ways of countering them, to determine their effectiveness, and so on. However, experimenting on the real system can often be too complicated, so mathematical / software models make this problem much easier to solve. The article proposes a new DoS attack model that combines several types of DoS attack (bandwidth and memory exhaustion, improper filter configuration) and their influence on one another. Experiments based on this newly created model were carried out, assessing the influence of different values of attack and victim properties on the overall attack success probability. Keywords: denial of service attack; model; DoS; DDo

    Algebraic graph transformations for merging ontologies

    The conception of an ontology is a complex task influenced by numerous factors like the point of view of the authors or the level of detail. Consequently, several ontologies have been developed to model identical or related domains, leading to partially overlapping representations. This divergence of conceptualization requires the study of ontology merging in order to create a common repository of knowledge and integrate various sources of information. In this paper, we propose a formal approach for merging ontologies using typed graph grammars. This method relies on the algebraic approach to graph transformations, SPO (Simple PushOut), which allows a formal representation and ensures the consistency of the results. Furthermore, a new ontology merging algorithm called GROM (Graph Rewriting for Ontology Merging) is presented

    Algebraic graph transformations for formalizing ontology changes and evolving ontologies

    An ontology represents a consensus on the representation of the concepts and axioms of a given domain. This consensus is often reached through an iterative process, each iteration consisting in modifying the current version of the consensus. Furthermore, frequent and continuous changes are also occurring when the represented domain evolves or when new requirements have to be considered. Consequently, ontologies have to be adaptable to handle evolution, revision and refinement. However, this process is highly challenging as it is often difficult to understand all affected ontology parts when changes are performed. Thus, inconsistencies can occur in the ontology as the changes can introduce contradictory axioms. To address this issue, this paper presents a formal approach for evolving ontologies using Typed Graph Grammars. This method relies on the algebraic approach Simple PushOut (SPO) of graph transformations. It formalizes the ontology changes and proposes an a priori approach of inconsistencies resolution. The modified ontology does not need an explicit checking as an incorrect ontology version cannot actually be generated. To validate our proposal, an implementation is presented using the Attributed Graph Grammar (AGG) toolbox

    Symbolic approach to the analysis of security protocols

    The specification and validation of security protocols often requires viewing function calls, like encryption/decryption and the generation of fake messages, explicitly as actions within the process semantics. Following this approach, this paper introduces a symbolic framework based on value-passing processes able to handle symbolic values like fresh nonces, fresh keys, fake addresses and fake messages. The main idea in our approach is to assign to each value-passing process a formula describing the symbolic values conveyed by its semantics. In such symbolic processes, called constrained processes, the formulas are drawn from a logic based on a message algebra equipped with encryption, signature and hashing primitives. The symbolic operational semantics of a constrained process is then established through semantic rules updating formulas by adding restrictions over the symbolic values, as required for the process to evolve. We then prove that the logic required from the semantic rules is decidable. We also define a bisimulation equivalence between constrained processes; this amounts to a generalisation of the standard bisimulation equivalence between (non-symbolic) value-passing processes. Finally, we provide a complete symbolic bisimulation method for constructing the bisimulation between constrained processes

    On the Development and Use of a Formal Object Oriented Methodology Based on an Application Case Study

    The objective of this thesis is to evaluate the object oriented specification language Troll for industry. We used Troll from analysis to implementation for an information system which is located at the Physical Technical Federal Board (PTB) in Germany. This information system assists different users who deal with the certification and testing of electrical equipment in an explosive atmosphere. The main part of this thesis therefore describes the advantages and the disadvantages of using Troll in various software engineering phases and different problem domains, such as in the safety critical part. When we started this project it was clear that Troll was not suited for all aspects which we had to deal with. However, due to the well-defined semantics of Troll it was straightforward to extend it as needed. Limits, however, had to be accepted in certain areas such as those with real-time aspects. In this thesis, we will also demonstrate how formal techniques that include the object oriented paradigm can be made profitable in software engineering practice. Software engineers should not be asking how to use formal methods, but how to benefit from them as part of a complete software engineering approach. We will give some rules and advice based on practical experience which can provide benefits in similar settings. In this dissertation, the object-oriented specification language TROLL is evaluated in an industrial setting. To this end, TROLL was used for the development of an information system of the PTB (Physikalisch-Technische Bundesanstalt Braunschweig) from the analysis phase through to implementation. The information system supports different users in the certification and testing of electrical devices that are used in explosive environments.
The main part of this dissertation describes the advantages and disadvantages of TROLL when used in the various software engineering phases and the different application areas, such as the safety-critical domain. At the start of the project it was already clear that the TROLL language could not cover all aspects of the development. However, owing to the strict semantic definition of the language, it was easy to extend TROLL with new concepts. In some places, such as real time, the limits of extensibility had to be accepted. In addition, this dissertation shows how a combination of formal techniques and object-oriented approaches can be used effectively in software engineering. In future, software developers should no longer ask whether they should use a formal method, but rather how they can use it optimally in software development. The work passes on advice and rules based on the positive experience gained in developing the PTB information system

    Computer-Aided Validation of Formal Conceptual Models

    Conceptual modelling is the process of the software life cycle concerned with the identification and specification of requirements for the system to be built. The use of formal specification languages provides more precise and concise specifications. Nevertheless, there is still a need for techniques to support the validation of formal specifications against the informal user requirements. A limitation of formal specifications is that they cannot readily be understood by users unless they have been specially trained. However, user validation can be facilitated by exploiting the executable aspects of formal specification languages. This thesis presents a systematic approach and workbench environment to support the construction and validation through animation of TROLL specifications. Our approach is an iterative requirements definition process consisting of the formal specification of requirements, the automatic transformation of the specification into an executable form, and the interactive animation of the executable version to validate user requirements. To provide objects with persistence in the animation environment, we analyse how the static structure of TROLL objects can be mapped into relational tables. In order to execute the specification, we analyse the operational meaning of state transitions in TROLL, determine an execution model, and describe the transformation of the specifications into C++ code. We present a prototype implementation of the workbench environment. Conceptual modelling is the phase of software design concerned with the identification and specification of system requirements. Formal specification languages allow more precise and less ambiguous specifications. Nevertheless, techniques for validating formal specifications against the informal user requirements are still needed.
A disadvantage of formal specifications is that they are not easy to understand for users without the relevant background knowledge. Involving users in the validation process can, however, be made easier by executing the specification. This work provides a systematic approach and a development environment for the construction of TROLL specifications and their validation through animation. Our approach is based on an iterative requirements definition process consisting of the formal specification of requirements, the automatic translation of the specification into an executable form, and interactive animation to validate the user requirements. To keep object states persistent in the animation environment, we examine how the static structure of TROLL objects can be mapped to relational tables. To execute the specifications, the operational meaning of TROLL state transitions is analysed and an execution model is defined. The translation of the specifications into C++ is then described. We present a prototype implementation of the animation environment

    Nutzerfreundliche Modellierung mit hybriden Systemen zur symbolischen Simulation in CLP

    The dissertation comprises the languages MODEL-HS and VYSMO for the modular, declarative description of hybrid systems, which serve to prove time- and safety-critical properties for symbolic simulation in CLP. To obtain language-theoretic results such as decidability, hybrid systems were newly defined under formally provable acceptance conditions, which are supported by practical examples. Further results are a new classification of hybrid systems, a tool ROSSY, query descriptions and their transformation into temporal-logic expressions, query forms, and applications for study systems and parallel programs. The dissertation includes the languages MODEL-HS and VYSMO for modular, declarative description of hybrid systems that serve the proof of time- and safety-critical properties for symbolic simulation in CLP. For coming to language-theoretical conclusions like decidability, hybrid systems are newly defined under acceptance conditions that can be formally proved and for which practical examples bear witness. A new classification of hybrid systems, a tool ROSSY, query descriptions and their transformation into temporal-logic expressions, query forms and applications for study systems and parallel programs are further results

    Formal Specifications of Computer-Based Systems - J.UCS Special Issue

    No full text
    Formal Specifications of Computer-Based Systems - J.UCS Special Issu

    J.UCS Special Issue on Formal Specifications of Computer-Based Systems

    No full text
    J.UCS Special Issue on Formal Specifications of Computer-Based System