XRound : A reversible template language and its application in model-based security analysis

Successful analysis of the models used in Model-Driven Development requires the ability to synthesise the results of analysis and automatically integrate these results with the models themselves. This paper presents a reversible template language called XRound which supports round-trip transformations between models and the logic used to encode system properties. A template processor that supports the language is described, and the use of the template language is illustrated by its application in an analysis workbench, designed to support analysis of security properties of UML and MOF-based models. As a result of using reversible templates, it is possible to seamlessly and automatically integrate the results of a security analysis with a model. (C) 2008 Elsevier B.V. All rights reserved

Smart Computer Security Audit: Reinforcement Learning with a Deep Neural Network Approximator

A significant challenge in modern computer security is the growing skill gap as intruder capabilities increase, making it necessary to begin automating elements of penetration testing so analysts can contend with the growing number of cyber threats. In this paper, we attempt to assist human analysts by automating a single host penetration attack. To do so, a smart agent performs different attack sequences to find vulnerabilities in a target system. As it does so, it accumulates knowledge, learns new attack sequences and improves its own internal penetration testing logic. As a result, this agent (AgentPen for simplicity) is able to successfully penetrate hosts it has never interacted with before. A computer security administrator using this tool would receive a comprehensive, automated sequence of actions leading to a security breach, highlighting potential vulnerabilities, and reducing the amount of menial tasks a typical penetration tester would need to execute. To achieve autonomy, we apply an unsupervised machine learning algorithm, Q-learning, with an approximator that incorporates a deep neural network architecture. The security audit itself is modelled as a Markov Decision Process in order to test a number of decisionmaking strategies and compare their convergence to optimality. A series of experimental results is presented to show how this approach can be effectively used to automate penetration testing using a scalable, i.e. not exhaustive, and adaptive approach

Model of cybersecurity means financing with the procedure of additional data obtaining by the protection side

The article describes the model of cybersecurity means financing strategies of the information object with incomplete information about the financial resources of the attacking side. The proposed model is the core of the module of the developed decision support system in the problems of choosing rational investing variants for information protection and cybersecurity of various information objects. The model allows to find financial solutions using the tools of the theory of multistep games with several terminal surfaces. The authors proposed an approach that allows information security management to make a preliminary assessment of strategies for financing the effective cybersecurity systems. The model is distinguished by the assumption that the protection side does not have complete information, both about the financing strategies of the attacking side, and about its financial resources state aimed at overcoming cybersecurity lines of the information object. At the same time, the protection side has the opportunity to obtain additional information by the part of its financial resources. This makes it possible for the protection side to obtain a positive result for itself in the case when it can not be received without this procedure. The solution was found using a mathematical apparatus of a nonlinear multistep quality game with several terminal surfaces with alternate moves. In order to verify the adequacy of the model there was implemented a multivariate computational experiment. The results of this experiment are described in the article. © 2005 - ongoing JATIT & LL

Reinforcement learning for efficient network penetration testing

Penetration testing (also known as pentesting or PT) is a common practice for actively assessing the defenses of a computer network by planning and executing all possible attacks to discover and exploit existing vulnerabilities. Current penetration testing methods are increasingly becoming non-standard, composite and resource-consuming despite the use of evolving tools. In this paper, we propose and evaluate an AI-based pentesting system which makes use of machine learning techniques, namely reinforcement learning (RL) to learn and reproduce average and complex pentesting activities. The proposed system is named Intelligent Automated Penetration Testing System (IAPTS) consisting of a module that integrates with industrial PT frameworks to enable them to capture information, learn from experience, and reproduce tests in future similar testing cases. IAPTS aims to save human resources while producing much-enhanced results in terms of time consumption, reliability and frequency of testing. IAPTS takes the approach of modeling PT environments and tasks as a partially observed Markov decision process (POMDP) problem which is solved by POMDP-solver. Although the scope of this paper is limited to network infrastructures PT planning and not the entire practice, the obtained results support the hypothesis that RL can enhance PT beyond the capabilities of any human PT expert in terms of time consumed, covered attacking vectors, accuracy and reliability of the outputs. In addition, this work tackles the complex problem of expertise capturing and re-use by allowing the IAPTS learning module to store and re-use PT policies in the same way that a human PT expert would learn but in a more efficient way

Verifying Access Control in Statecharts

Access control is one of the main security mechanisms for software applications. It ensures that all accesses conform to a predefined access control policy. It is important to check that the access control policy is well implemented in the system. When following an MDD methodology it may be necessary to check this early during the development lifecycle, namely when modeling the application. This paper tackles the issue of verifying access control policies in statecharts. The approach is based on the transformation of a statechart into an Algebraic Petri net to enable checking access control policies and identifying potential inconsistencies with an OrBAC set of access control policies. Our method allows locating the part of the statechart that is causing the problem. The approach has been successfully applied to a Library Management System. Based on our proposal a tool for performing the transformation and localization of errors in the statechart has been implemented

Department of Homeland Security Science and Technology Directorate: Developing Technology to Protect America

In response to a congressional mandate and in consultation with Department of Homeland Security's (DHS) Science and Technology Directorate (S&T), the National Academy conducted a review of S&T's effectiveness and efficiency in addressing homeland security needs. This review included a particular focus that identified any unnecessary duplication of effort, and opportunity costs arising from an emphasis on homeland security-related research. Under the direction of the National Academy Panel, the study team reviewed a wide variety of documents related to S&T and homeland security-related research in general. The team also conducted interviews with more than 200 individuals, including S&T officials and staff, officials from other DHS component agencies, other federal agencies engaged in homeland security-related research, and experts from outside government in science policy, homeland security-related research and other scientific fields.Key FindingsThe results of this effort indicated that S&T faces a significant challenge in marshaling the resources of multiple federal agencies to work together to develop a homeland security-related strategic plan for all agencies. Yet the importance of this role should not be underestimated. The very process of working across agencies to develop and align the federal homeland security research enterprise around a forward-focused plan is critical to ensuring that future efforts support a common vision and goals, and that the metrics by which to measure national progress, and make changes as needed, are in place