

  1. How to generate security cameras: Towards defence generation for socio-technical systems
     Olga Gadyatskaya (SnT, University of Luxembourg), olga.gadyatskaya@uni.lu
     ADT2P

  2. Agenda
     - Socio-technical models and attack generation
     - Challenges for countermeasure generation
     - Attack-defence model generated from socio-technical model
     - How to select more countermeasures
     - Challenges ahead

     GraMSec 2015, 12/07/15

  3. Socio-technical system models
     - A model that combines a snapshot of infrastructure with models of agents acting in this infrastructure

  4. Example
     - Figure: an instance of a system model designed in the TREsPASS notation

  5. Security controls in the model
     - Money $$$ can be accessed from the ATM A1 with card and PIN.

  6. Automated attack generation
     - A socio-technical model → an attack model [Ivanova et al. 2015]
       - automatically
       - complete wrt the socio-technical model
       - reachability-based
     - Figure: an example of a generated attack tree [Ivanova et al. 2015]

  7. Automated generation of countermeasures: challenges
     - <easy> Which format for countermeasure representation?
       - Attack-countermeasure trees, attack-defence trees, defence trees, etc.
     - <hard> Generated countermeasures are limited by the socio-technical model itself
       - If the model represents only access control policies – only those can be generated automatically

  8. Problem
     - Automated countermeasure generation
       - How to generate defences automatically {in an optimal way}
       - How to introduce more countermeasures
       - How to trace the generated countermeasures back to the ST model and maintain the traceability through model evolution
     - Solution
       - Maintain an attack-defence model together with the socio-technical system model

  9. Attack-defence model
     - The desired attack-defence model should:
       - incorporate existing countermeasures (access control policies)
       - allow adding new defences while consistently maintaining traceability with the socio-technical model
       - allow performing computations and selecting optimal defence scenarios
     - Attack-defence trees [Kordy et al. 2014] are a suitable notation to maintain the attacker and the defender views simultaneously

  10. Simplified attack-defence model
      - Given a socio-technical model <N, E>
        - N is a set of items in the model
          - N_i – infrastructure locations
          - N_a – actor locations
          - N_o – object locations
        - E is a set of directed edges among the items
      - P is a set of access control policies defined in the model
        - d_n is a local policy that guards access to item n
        - each element in d_n is <Cred, atLocation, EM> where
          - Cred is a set of credentials required
          - atLocation is the location where policy is applied
          - EM is an enforcement mechanism in the model

  11. Bundles
      - For each element n of the model we generate an attack-defence bundle access_n
      - A bundle succinctly represents an attack where an attacker gets access to n
        - Any attacker
      - It comprises the attack vectors available in the model and the defences offered by the enforcement mechanisms for local policies

  12. Structure of attack-defence bundles I
      - Root node: access_n
      - n can be accessed from any adjacent location in the model
      - access_n is OR-decomposed into a collection of nodes access_from_ni
      - Diagram node labels: access_$$$, access_from_account, access_from_ATM

  13. Structure of attack-defence bundles II
      - To attack from some adjacent location the attacker needs to get to that location and circumvent the access control policy checks there
      - Bundles access_from_ni are decomposed into attack node access_i and defence node EM_ni
      - Diagram node labels: access_$$$, access_from_account, access_from_ATM, EM_$$$ATM, access_ATM

  14. Defence nodes decomposition
      - Enforcement mechanism can comprise several valid policy configurations
      - Defence node EM_ni is AND-decomposed into nodes pol_config_pk: each local policy configuration that guards access to n from i
      - Diagram node labels: EM_$$$ATM, pol_config_cardANDpin

  15. Attacking enforcement mechanisms I
      - To overcome the defensive mechanism in place, the attacker needs to circumvent any of the individual policy configurations
      - Diagram node labels: EM_$$$ATM, pol_config_cardANDpin, attack pol_cardANDpin

  16. Attacking enforcement mechanisms II
      - The attacker can circumvent the enforcement mechanism by satisfying the policy (collecting all credentials) or by breaking the enforcement mechanism
      - Node attack_pol_pm is OR-decomposed into attack nodes sat_pol_pm and break_em_ni
      - Diagram node labels: attack pol_cardANDpin, sat_pol_cardANDpin, break_EM_$$$ATM

  17. Satisfying policies
      - Policy can be satisfied if all credentials needed are collected:
        - Attack node sat_pol_pm is AND-decomposed into attack nodes access_credr
      - Diagram node labels: attack pol_cardANDpin, sat_pol_cardANDpin, break_EM_$$$ATM, access_card, access_PIN

  18. Attack-defence tree synthesis from bundles I
      - Attack node access_n is a basic building block
      - Bundles can be put together to form attack-defence trees
      - Issue: loops
      - Diagram node labels: access_$$$, access_account, access_ATM, access_card, access_PIN, access_city, access_Margrete, access_Margrete, access_house, access_house

  19. Attack-defence tree synthesis from bundles II
      - Solution: compute what is accessible and evaluate attack-defence trees using bundle values in the propositional semantics
      - Bootstrapping:
        - For every element n and actor p: Accessible(n, p) = Reachable(n, p) AND Granted(n, p)

  20. Attack-defence trees synthesis III
      - For a chosen asset t and attacker a
        - Set initial value of each bundle as Accessible(t, a)
        - Synthesize attack-defence trees from individual bundles
        - Expand each bundle only once
        - Recompute values
      - Diagram node labels: access_$$$, access_account, access_ATM, access_card, access_PIN, access_city, access_Margrete, access_Margrete, access_house, access_city

  21. What about other defences?
      - Attack-defence bundles form the initial attack-defence model generated from the socio-technical model
      - After the bundles were generated, new controls can be added into individual bundles
        - Consistency is maintained because each single bundle corresponds to access to a single model element
      - Placement of new controls depends on their types:
        - Preventive
        - Detective
        - Corrective

  22. New controls: where
      - Diagram node labels: access_n, access_from_nl, access_from_nk, D_detective/corrective, access_l, D_preventive, access_k, EM_nl, Other preventive

  23. How to select new controls
      - Proposals for optimal countermeasure selection exist if possible options are already known and evaluated by experts [Roy et al. 2012], [Aslanyan et al. 2015]
      - BUT how to assist the experts in selecting new controls consistently from a set of recommended best practices (e.g., NIST 800-53)?
      - Possible considerations:
        - Application domain of controls (model element types)
        - Attributes to be evaluated

  24. Application domains of controls

  25. Attributes

  26. Challenges ahead
      - Extending the attack-defence model by using an attack-defence library
        - Knowledge how an attacker can break enforcement mechanisms
        - Knowledge from industry catalogues
      - Socio-technical attacks
      - Trust policies
      - More complex models with processes
      - Validation
        - <usefulness> how suitable is the attack-defence model proposed for maintaining defences across system evolution?
        - <scalability> is it possible to generate meaningful attack-defence trees for realistic socio-technical models?
      - Minimal representation and visualization
        - Attack-defence trees generated will require some restructuring for minimizing the size and excluding redundancies
      - Assisted defence selection
        - How to guide experts to select optimal countermeasures (to which extent the defences can be generated)?

  27. Conclusions
      - Defence generation from socio-technical models is limited by the models themselves
      - Attack-defence model consisting of individual attack-defence bundles can help to select and maintain defences across the system lifecycle
      - It is easier to generate attacks than defences

  28. Thank you!!!
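
The bundle construction of slides 11 to 17 and the "expand each bundle only once" rule of slide 20, as an added Python sketch (not code from the presentation or from TREsPASS). The model data, the names `ADJ`, `POLICIES`, `node`, `bundle`, `access_from`, `pol_config` and `evaluate`, the modelling of EM_ni as a node that counters access_from_ni, and the hand-supplied Accessible set are all assumptions; the constructed model contains a loop (the house key is carried by Margrete, who is inside the house).

```python
# Constructed toy model (an assumption), loosely following the slides' ATM example.
# ADJ[n]: adjacent items from which n can be accessed; "city" is the entry point.
ADJ = {"$$$": ["ATM"], "ATM": ["city"], "house": ["city"], "Margrete": ["house"],
       "card": ["Margrete"], "PIN": ["Margrete"], "key": ["Margrete"]}
# POLICIES[(n, i)]: policy configurations guarding access to n from i,
# each given as the list of credentials it requires.
POLICIES = {("$$$", "ATM"): [["card", "PIN"]], ("house", "city"): [["key"]]}

def node(role, label, op="OR", kids=(), counter=None):
    return {"role": role, "label": label, "op": op, "kids": list(kids), "counter": counter}

def bundle(n, seen):
    """access_n, OR-decomposed into access_from_i; each bundle is expanded only once."""
    if n in seen:
        return node("attack", f"access_{n}")   # leaf, valued by Accessible(n, a)
    seen.add(n)
    return node("attack", f"access_{n}", "OR", [access_from(n, i, seen) for i in ADJ.get(n, ())])

def access_from(n, i, seen):
    """Attack node access_i, countered by defence node EM_ni when a policy guards n from i."""
    configs = POLICIES.get((n, i), [])
    em = node("defence", f"EM_{n}{i}", "AND",
              [pol_config(n, i, c, seen) for c in configs]) if configs else None
    return node("attack", f"access_from_{i}", "AND", [bundle(i, seen)], em)

def pol_config(n, i, creds, seen):
    """pol_config_p, countered by attack_pol_p = sat_pol_p OR break_EM_ni."""
    name = "AND".join(creds)
    sat = node("attack", f"sat_pol_{name}", "AND", [bundle(c, seen) for c in creds])
    attack = node("attack", f"attack_pol_{name}", "OR",
                  [sat, node("attack", f"break_EM_{n}{i}")])
    return node("defence", f"pol_config_{name}", counter=attack)

def evaluate(t, accessible, breakable=()):
    """Propositional value: the refinement holds and the countering node does not."""
    if t["kids"]:
        vals = [evaluate(k, accessible, breakable) for k in t["kids"]]
        ok = all(vals) if t["op"] == "AND" else any(vals)
    elif t["role"] == "defence":
        ok = True                               # policy configuration is in place
    elif t["label"].startswith("break_EM_"):
        ok = t["label"] in breakable            # can the attacker break this mechanism?
    else:
        ok = t["label"][len("access_"):] in accessible   # bootstrapped Accessible(n, a)
    c = t["counter"]
    return ok and not (c is not None and evaluate(c, accessible, breakable))
```

For a defender, `evaluate(bundle("$$$", set()), {"city"})` being false shows that the card-and-PIN policy holds against an outsider, while an actor who can already access the house and Margrete turns the same tree true, which marks where an additional control is needed.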
