assisted generation of attack trees the atsyraprototype
play

Assisted Generation of Attack Trees : the ATSyRAprototype Sophie - PowerPoint PPT Presentation

Feb 03, 2023 •468 likes •798 views

Assisted Generation of Attack Trees : the ATSyRAprototype Sophie Pinchinat joint work with Mathieu Acher and Didier Vojtisek Universit e de Rennes 1 GraMSec, 13 July 2015 Outline Introductory example 1 Goal decomposition High-level

  1. Assisted Generation of Attack Trees : the ATSyRAprototype Sophie Pinchinat joint work with Mathieu Acher and Didier Vojtisek Universit´ e de Rennes 1 GraMSec, 13 July 2015

  2. Outline Introductory example 1 Goal decomposition High-level actions Experimenting ATSyRA 2 The ATSyRA prototype 3 2

  3. Introductory example Outline Introductory example 1 Goal decomposition High-level actions Experimenting ATSyRA 2 The ATSyRA prototype 3 3

  4. Introductory example A Building Specification 4

  5. Introductory example A three-level building 5

  6. Introductory example The attack objective Item locations Attacker 6

  7. Introductory example Do you think this is possible? How? 7

  8. Introductory example ATSyRA response We analyze a transition system of ≈ 1 . 6 × 10 13 states Existence of an attack scenarios: There is an attack ! 8

  9. Introductory example ATSyRA response We analyze a transition system of ≈ 1 . 6 × 10 13 states Attack scenarios generation TIMEOUT! even pushing it to a 10mn-long computation 8

  10. Introductory example What would the expert do in such a case? 9

  11. Introductory example Goal decomposition Goal decomposition (similarly to proof assistant tools) � � Outside ↓ Goal � � document Outside notDetected � � Outside ↓   direction access card Subgoal 1 staff access card   FF SupervisingPC  supervisiongPC key    notDetected  direction access card  staff access card   FF SupervisingPC   supervisiongPC key   Subgoal 2 notDetected ↓ � � document Outside notDetected 10

  12. Introductory example Goal decomposition   direction access card Subgoal 1: staff access card   Outside � � → FF SupervisingPC   supervisiongPC key   notDetected 11

  13. Introductory example Goal decomposition ATSyRA response for Subgoal 1   direction access card staff access card   � � Outside → FF SupervisingPC   supervisiongPC key   notDetected 12

  14. Introductory example Goal decomposition ATSyRA response for Subgoal 1   direction access card staff access card   � � Outside → FF SupervisingPC   supervisiongPC key   notDetected STILL TOO COMPLEX 12

  15. Introductory example Goal decomposition   direction access card Subgoal 2: � � staff access card document   FF SupervisingPC → Outside   supervisiongPC key notDetected   notDetected 13

  16. Introductory example Goal decomposition ATSyRA response for Subgoal 2 14

  17. Introductory example Goal decomposition ATSyRA response for Subgoal 2 virtual unlock_porte_PCSurveillance virtual virtual open_porte_PCSurveillance deactivate_alarme_batiment go_from_N2_PCSurveillance_to_N2_Couloir_by_porte_PCSurveillance unlock_ascenseur_dupersonnel_2_3 open_ascenseur_dupersonnel_2_3 go_from_N2_Couloir_to_N3_BureauAssistantDirection_by_ascenseur_dupersonnel_2_3 virtual virtual virtual go_from_N3_BureauAssistantDirection_to_N3_BureauDirection_by_porte_BureauDirection take_document go_from_N3_BureauDirection_to_N3_BureauAssistantDirection_by_porte_BureauDirection virtual unlock_ascenseur_dupersonnel_1_3 virtual go_from_N3_BureauAssistantDirection_to_HallEntree_by_ascenseur_dupersonnel_1_3 go_from_HallEntree_to_Ext_by_EntreePrincipale virtual virtual virtual virtual go_from_N3_BureauAssistantDirection_to_N2_Couloir_by_ascenseur_dupersonnel_2_3 go_from_N2_Couloir_to_N2_EchelleSecoursPonton_by_porte_N2_EchelleSecours open_echelle_secours_1_2 go_from_N2_EchelleSecoursPonton_to_Ext_by_echelle_secours_1_2 unlock_ascenseur_dupersonnel_1_3 open_ascenseur_dupersonnel_1_3 go_from_N3_BureauAssistantDirection_to_HallEntree_by_ascenseur_dupersonnel_1_3 go_from_HallEntree_to_Ext_by_EntreePrincipale open_ascenseur_dupersonnel_1_3 go_from_N3_BureauAssistantDirection_to_N3_BureauDirection_by_porte_BureauDirection take_document go_from_N3_BureauDirection_to_N3_BureauAssistantDirection_by_porte_BureauDirection go_from_N3_BureauAssistantDirection_to_N3_BureauDirection_by_porte_BureauDirection take_document go_from_N3_BureauDirection_to_N3_BureauAssistantDirection_by_porte_BureauDirection open_ascenseur_dupersonnel_1_3 15

  18. Introductory example High-level actions High-level actions for Subgoal 2 ⇓ ⇓ 16

  19. Introductory example High-level actions High-level actions for Subgoal 2 17

  20. Introductory example High-level actions High-level actions Low-level actions are automatically generated 18

  21. Introductory example High-level actions High-level actions Low-level actions are automatically generated “Easy” higher-level actions can be generated 18

  22. Introductory example High-level actions High-level actions Low-level actions are automatically generated “Easy” higher-level actions can be generated The expert can also develop his vocabulary 18

  23. Introductory example High-level actions High-level actions Low-level actions are automatically generated “Easy” higher-level actions can be generated The expert can also develop his vocabulary HLA expressions HLA ID = α ; where α ::= a | ( α | α ) | α, α | α & α The expert can also stratify 18

  24. Experimenting ATSyRA Outline Introductory example 1 Goal decomposition High-level actions Experimenting ATSyRA 2 The ATSyRA prototype 3 19

  25. Experimenting ATSyRA   direction access card Subgoal 2: � � staff access card document   FF SupervisingPC → Outside   supervisiongPC key notDetected   notDetected 20

  26. The ATSyRA prototype Outline Introductory example 1 Goal decomposition High-level actions Experimenting ATSyRA 2 The ATSyRA prototype 3 21

  27. The ATSyRA prototype The ATSyRA workflow System description HLA start (1) start (3) (DSL) description (DSL) Reachability analysis Set of attack (a) (2) Model-checking scenarios ➁ ➀ Synthesis (b) ➂ Attack tree (4) ➃ Attack tree analysis tool (ADTool) 22

  28. The ATSyRA prototype Discussion Short term Improve both specification languages Easy ways to select a subgoal, a sub-building, etc. Connect subgoals For subgoal: exploit temporal logic from the Model-checker (e.g. ( ¬ staff access card.pos=attacker) U (reach goal).) Select/suggest a virtual node to generate an HLA 23

  29. The ATSyRA prototype Discussion Short term Improve both specification languages Easy ways to select a subgoal, a sub-building, etc. Connect subgoals For subgoal: exploit temporal logic from the Model-checker (e.g. ( ¬ staff access card.pos=attacker) U (reach goal).) Select/suggest a virtual node to generate an HLA Good tools for editing trees, choose abstract level for display 23

  30. The ATSyRA prototype Discussion Short term Improve both specification languages Easy ways to select a subgoal, a sub-building, etc. Connect subgoals For subgoal: exploit temporal logic from the Model-checker (e.g. ( ¬ staff access card.pos=attacker) U (reach goal).) Select/suggest a virtual node to generate an HLA Good tools for editing trees, choose abstract level for display Parsing scenorios with HLA Very combinatorial, currently the rules are not complete enough Need heuristics and backtracking to synthesize even more succinct trees Mathematical characterization of the optimal solutions we want to generate 23

  31. The ATSyRA prototype Discussion Short term Improve both specification languages Easy ways to select a subgoal, a sub-building, etc. Connect subgoals For subgoal: exploit temporal logic from the Model-checker (e.g. ( ¬ staff access card.pos=attacker) U (reach goal).) Select/suggest a virtual node to generate an HLA Good tools for editing trees, choose abstract level for display Parsing scenorios with HLA Very combinatorial, currently the rules are not complete enough Need heuristics and backtracking to synthesize even more succinct trees Mathematical characterization of the optimal solutions we want to generate Long term Towards other kinds of systems, typically cyber intrusions Guards, Defense (counter-measures) 23

  32. The ATSyRA prototype The partners IRISA LogicA DiversE EMSEC LIP6 DGA Thank you for your attention! 24

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

A New Side-Channel Attack on RSA Prime Generation Thomas Finke, Max Gebhardt, Werner Schindler

A New Side-Channel Attack on RSA Prime Generation Thomas Finke, Max Gebhardt, Werner Schindler

A New Side-Channel Attack on RSA Prime Generation Thomas Finke, Max Gebhardt, Werner Schindler Federal Office for Information Security (BSI), Germany Lausanne, September 7, 2009 Outline r Introduction and Motivation r The Attack r Basic attack

514 views • 25 slides
A Side-Channel Assisted Cryptanalytic Attack Against QcBits Mlissa Rossi Mike Hamburg

A Side-Channel Assisted Cryptanalytic Attack Against QcBits Mlissa Rossi Mike Hamburg

A Side-Channel Assisted Cryptanalytic Attack Against QcBits Mlissa Rossi Mike Hamburg Michael Hutter Mark E. Marson Possible path for post-quantum security Error-correcting codes Quantum computers may threaten the mathematical

892 views • 66 slides
Marker Assisted Marker Assisted Selection Selection Biotechnology in Action Biotechnology in

Marker Assisted Marker Assisted Selection Selection Biotechnology in Action Biotechnology in

Marker Assisted Marker Assisted Selection Selection Biotechnology in Action Biotechnology in Action Traditional Tree Breeding Traditional Tree Breeding The selection of trees is based on visible traits (phenotypes). The selection of trees

316 views • 9 slides
Assisted Discovery of On-Chip Debug Interfaces Joe Grand (@joegrand) Introduction On-chip

Assisted Discovery of On-Chip Debug Interfaces Joe Grand (@joegrand) Introduction On-chip

Assisted Discovery of On-Chip Debug Interfaces Joe Grand (@joegrand) Introduction On-chip debug interfaces are a well-known attack vector - Used as a stepping stone to further an attack - Can provide chip-level control of a target

766 views • 35 slides
( ( ) ) ( ) ( ) = = Work = h log t n B- B -Trees Trees B B- -Trees

( ( ) ) ( ) ( ) = = Work = h log t n B- B -Trees Trees B B- -Trees

B- B -Trees Trees B B- -Trees Trees Search for key R ( ( ) ) ( ) ( ) = = Work = h log t n B- B -Trees Trees B B- -Trees Trees Each Disk-Read or Disk-Write = one Basic unit of work O(1) Typical Node x

287 views • 4 slides
A Scalable Approach to Attack Graph Generation By Ou, Boyer, McQueen Presented By: Philip Koshy

A Scalable Approach to Attack Graph Generation By Ou, Boyer, McQueen Presented By: Philip Koshy

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA A Scalable Approach to Attack Graph Generation By Ou, Boyer,

591 views • 33 slides
Causal Model Extraction from Attack Trees to Attribute Malicious Insider Attacks Amjad Ibrahim,

Causal Model Extraction from Attack Trees to Attribute Malicious Insider Attacks Amjad Ibrahim,

Causal Model Extraction from Attack Trees to Attribute Malicious Insider Attacks Amjad Ibrahim, Simon Rehwald, Antoine Scemama, Florian Andres, Alexander Pretschner Technische Universitt Mnchen Department of Informatics Chair of Software

512 views • 24 slides
Squeezing State Spaces of (Attack-Defence) Trees l Knapik 1 Wojciech Penczek 1 Micha Laure

Squeezing State Spaces of (Attack-Defence) Trees l Knapik 1 Wojciech Penczek 1 Micha Laure

Squeezing State Spaces of (Attack-Defence) Trees l Knapik 1 Wojciech Penczek 1 Micha Laure Petrucci 2 Teofil Sidoruk 1 1 Institute of Computer Science, Polish Academy of Sciences 2 LIPN, CNRS UMR 7030, Universit e Sorbonne Paris Nord LAMAS

388 views • 23 slides
Generation in Machine Translation from Deep Syntactic Trees Keith Hall Petr N mec Johns

Generation in Machine Translation from Deep Syntactic Trees Keith Hall Petr N mec Johns

Generation in Machine Translation from Deep Syntactic Trees Keith Hall Petr N mec Johns Hopkins University Charles University in Prague Outline Transfer-based MT Tectogrammatical Representation (TR) (deep syntax) Generation from

544 views • 40 slides
Attack on Traffic Systems These attack examples have happened in the past. We will take an

Attack on Traffic Systems These attack examples have happened in the past. We will take an

From start to finish how a cyber attack would be performed on traffic system, we will go over first day >> exploitation of the device >> the real-world aftermath. Mission Secure, Inc. Attack on Traffic Systems These attack examples

556 views • 18 slides
/ + - * * 5 3 2 6 5 2 Examples Binary Trees BSTs Augmenting BinExpr General Trees

/ + - * * 5 3 2 6 5 2 Examples Binary Trees BSTs Augmenting BinExpr General Trees

Trees Readings: HtDP , sections 14, 15, 16. Topics: Introductory examples and terminology Binary trees Binary search trees Augmenting trees Binary expression trees General arithmetic expression trees Nested lists Examples Binary Trees

1.19k views • 31 slides
Attack Trees: semi-adaptive model Aivo Jrgenson 2 , 3 Jan Willemson 1 1 Cybernetica, Tartu,

Attack Trees: semi-adaptive model Aivo Jrgenson 2 , 3 Jan Willemson 1 1 Cybernetica, Tartu,

Attack Trees: semi-adaptive model Aivo Jrgenson 2 , 3 Jan Willemson 1 1 Cybernetica, Tartu, Estonia 2 Tallinn University of Technology, Tallinn, Estonia 3 Elion Enterprises Ltd, Tallinn, Estonia 1st February 2009 Jrgenson,Willemson (Estonia)

520 views • 28 slides
Assisted warmup with the Zing JVM Ivn Kr lov @JohnWings Assisted warmup with the Zing JVM

Assisted warmup with the Zing JVM Ivn Kr lov @JohnWings Assisted warmup with the Zing JVM

Assisted warmup with the Zing JVM Ivn Kr lov @JohnWings Assisted warmup with the Zing JVM Overview of 3 technologies Falcon compiler ReadyNow & Compile Stashing Challenges (largely universal to all AOTs) Identification

887 views • 86 slides
Trees Eric McCreath Overview In this lecture we will explore: general trees, binary trees,

Trees Eric McCreath Overview In this lecture we will explore: general trees, binary trees,

Trees Eric McCreath Overview In this lecture we will explore: general trees, binary trees, binary search trees, and AVL and B-Trees. 2 Trees Trees are recursive data structures. They are useful for: representing items that have a tree

622 views • 27 slides
Influencing and voluntary assisted dying Slide Voluntary assisted dying, euthanasia, dying with

Influencing and voluntary assisted dying Slide Voluntary assisted dying, euthanasia, dying with

Influencing and voluntary assisted dying Slide Voluntary assisted dying, euthanasia, dying with dignity, physician assisted suicide however it is labelled has been an issue confronting communities and governments for many years. It is one

109 views • 7 slides
2-3-4 Trees and Red- Black Trees 204 erm CS 16: Balanced Trees 2-3-4 Trees Revealed Nodes

2-3-4 Trees and Red- Black Trees 204 erm CS 16: Balanced Trees 2-3-4 Trees Revealed Nodes

CS 16: Balanced Trees 2-3-4 Trees and Red- Black Trees 204 erm CS 16: Balanced Trees 2-3-4 Trees Revealed Nodes store 1, 2, or 3 keys and have 2, 3, or 4 children, respectively All leaves have the same depth k n r b e h n r b e

800 views • 31 slides
FSD High Level Apps Ryan Slominski HLA Group is Michele Joyce, Marie Keese, Theo Larrieu, Chris

FSD High Level Apps Ryan Slominski HLA Group is Michele Joyce, Marie Keese, Theo Larrieu, Chris

FSD High Level Apps Ryan Slominski HLA Group is Michele Joyce, Marie Keese, Theo Larrieu, Chris Slominski, Ryan Slominski Outline Overview and Problem Statement Catching and Recording Alerting, Resetting, and Masking Reporting and

726 views • 23 slides
A Distributed Simulation Backbone for Executing HLA-based Simulation over the Internet Y. Xie 1

A Distributed Simulation Backbone for Executing HLA-based Simulation over the Internet Y. Xie 1

18-Aug-04 A Distributed Simulation Backbone for Executing HLA-based Simulation over the Internet Y. Xie 1 , Y.M. Teo 1,2 , W. Cai 3 and S.J. Turner 3 1 Singapore-MIT Alliance 2 Department of Computer Science, National University of Singapore 3

626 views • 11 slides
Conventional Facilities Status In partnership with: Steve Dixon India/DAE P2MAC Italy/INFN

Conventional Facilities Status In partnership with: Steve Dixon India/DAE P2MAC Italy/INFN

Conventional Facilities Status In partnership with: Steve Dixon India/DAE P2MAC Italy/INFN UK/STFC 26-28 March 2018 France/CEA/Irfu, CNRS/IN2P3 Outline: Conventional Facilities Overview CW Compatibility Questions Summary 2

180 views • 16 slides
MISSION Clinical Program GWG Recommendations Shyam Patel, Ph.D. Associate Director, Portfolio

MISSION Clinical Program GWG Recommendations Shyam Patel, Ph.D. Associate Director, Portfolio

MISSION Clinical Program GWG Recommendations Shyam Patel, Ph.D. Associate Director, Portfolio Development and Review California Institute for Regenerative Medicine December 13, 2018 Clinical Stage Programs MISSION CLINICAL STAGE CLIN 1

492 views • 20 slides
G. Soci, Hmatologie / Greffe Hpital St Louis GvHD Immunobiology of HSCT : a & c Past

G. Soci, Hmatologie / Greffe Hpital St Louis GvHD Immunobiology of HSCT : a & c Past

G. Soci, Hmatologie / Greffe Hpital St Louis GvHD Immunobiology of HSCT : a & c Past , present & future GvL ID A P P E L B A U M F R . N E N G L J M E D 2 0 0 7 ; 3 5 7 : 1 4 7 2 - 1 4 7 5 . Ann N Y Acad Sci.

539 views • 35 slides
Many of the slides that Ill use have been borrowed from Dr. Paul Lewis, Dr. Joe Felsenstein.

Many of the slides that Ill use have been borrowed from Dr. Paul Lewis, Dr. Joe Felsenstein.

Many of the slides that Ill use have been borrowed from Dr. Paul Lewis, Dr. Joe Felsenstein. Thanks! Paul has many great tools for teaching phylogenetics at his web site: http://hydrodictyon.eeb.uconn.edu/people/plewis The main subject of

495 views • 37 slides
Finding and Exploiting LTL Trajectory Constraints in Heuristic Search Salom e Simon Gabriele

Finding and Exploiting LTL Trajectory Constraints in Heuristic Search Salom e Simon Gabriele

Motivation LTL f in Classical Planning Finding Information Exploiting Information Experiments Conclusion Finding and Exploiting LTL Trajectory Constraints in Heuristic Search Salom e Simon Gabriele R oger University of Basel,

423 views • 28 slides
Epidemiological Evidence Supporting a Role for Infections in Childhood Cancer Risk Childhood

Epidemiological Evidence Supporting a Role for Infections in Childhood Cancer Risk Childhood

Epidemiological Evidence Supporting a Role for Infections in Childhood Cancer Risk Childhood Cancer 2012 London, UK April 26, 2012 Kevin Urayama St. Lukes Life Science Institute Tokyo, Japan 1 Outline Outline History and burden of

690 views • 35 slides

More recommend