probabilistic reasoning with graphical security models
play

Probabilistic reasoning with graphical security models Barbara - PowerPoint PPT Presentation

Feb 14, 2023 •356 likes •903 views

Probabilistic reasoning with graphical security models Barbara Kordy Clermont-Ferrand, January 7, 2016 Digital Confidence seminar Joint work Prof. Dr. Marc Pouly Lucerne University of Applied Sciences and Arts Dr. Patrick Schweitzer

  1. Probabilistic reasoning with graphical security models Barbara Kordy Clermont-Ferrand, January 7, 2016 Digital Confidence seminar

  2. Joint work Prof. Dr. Marc Pouly Lucerne University of Applied Sciences and Arts Dr. Patrick Schweitzer University of Luxembourg Barbara Kordy 2

  3. Probabilistic assessment of security scenarios dependency model security model Bayesian network ADTree probabilistic assessment of attack–defense scenarios with dependencies Barbara Kordy 3

  4. Outline Attack–defense Trees 1 Probabilistic evaluation 2 Efficiency considerations 3 Wrap Up 4 Barbara Kordy 4

  5. Attack–defense Trees Modeling security scenarios Attack–defense tree (ADTree) [JLC’14] Tree-like representation of an attack–defense scenario depicting: How to attack a system How to protect against an attack Extend the industrially recognized model of attack trees [Schneier’99] Integrate Intuitive representation features [IJSSE’12, ICISC’12] Formal analysis techniques [GameSec’10, SIIS’11, JLC’14] Software application ADTool [QEST’13] Barbara Kordy 5

  6. Attack–defense Trees Example: ADTree for infecting a computer infect computer virus on system execute virus e-mail with attachment USB stick antivirus install antivirus run antivirus fake antivirus Barbara Kordy 6

  7. Attack–defense Trees Propositional semantics for ADTrees [SIIS’11] B – the set of non-refined nodes of ADTree t x ∈ { 0 , 1 } B encodes whether actions from B succeed or not Action A ∈ B succeeds if x ( A ) = 1 Action A ∈ B does not succeed if x ( A ) = 0 Boolean function f t for t f t : { 0 , 1 } B → { 0 , 1 } associates a Boolean value f t ( x ) ∈ { 0 , 1 } with each vector x ∈ { 0 , 1 } B x is called an attack vector if f t ( x ) = 1 Barbara Kordy 7

  8. Attack–defense Trees ADTrees as Boolean functions Domain of f t is composed of the non-refined nodes of t Non-refined OR AND Countermeasure t' t t A t'' t' t'' t' t'' f t ( A ) = A f t = f t ′ ∨ f t ′′ f t = f t ′ ∧ f t ′′ f t = f t ′ ∧ ¬ f t ′′ Barbara Kordy 8

  9. Attack–defense Trees Example: Boolean function for infecting a computer infect computer virus on system execute virus e-mail with attachment USB stick antivirus install antivirus run antivirus fake antivirus � �� � f t = ( X EA ∨ X US ) ∧ ¬ X IA ∧ ( X RA ∧ ¬ X FA ) ∧ X EV Barbara Kordy 9

  10. Attack–defense Trees Example: attack vector infect computer true virus on system execute virus true true e-mail with attachment USB stick antivirus true false false install antivirus run antivirus true false fake antivirus false � �� � f t = ( X EA ∨ X US ) ∧ ¬ X IA ∧ ( X RA ∧ ¬ X FA ) ∧ X EV attack vector 1 0 1 0 0 1 Barbara Kordy 10

  11. Attack–defense Trees Importance of probabilities Knowing the probabilities of particular attacks allow us to Identify the most vulnerable components Determine the strategic points Decide which protective measures to implement Barbara Kordy 11

  12. Attack–defense Trees Bottom-up evaluation of probability on ADTrees [ICISC’12] Probability of a Probability of a Probability of a disjunctive subtree conjunctive subtree countered subtree attack attack x x y x y y Barbara Kordy 12

  13. Attack–defense Trees Bottom-up evaluation of probability on ADTrees [ICISC’12] Probability of a Probability of a Probability of a disjunctive subtree conjunctive subtree countered subtree attack attack x x y x y y x + y − xy Barbara Kordy 12

  14. Attack–defense Trees Bottom-up evaluation of probability on ADTrees [ICISC’12] Probability of a Probability of a Probability of a disjunctive subtree conjunctive subtree countered subtree attack attack x x y x y y xy x + y − xy Barbara Kordy 12

  15. Attack–defense Trees Bottom-up evaluation of probability on ADTrees [ICISC’12] Probability of a Probability of a Probability of a disjunctive subtree conjunctive subtree countered subtree attack attack x x y x y y xy x + y − xy x ( 1 − y ) Barbara Kordy 12

  16. Attack–defense Trees Bottom-up evaluation of probability on ADTrees [ICISC’12] Probability of a Probability of a Probability of a disjunctive subtree conjunctive subtree countered subtree attack attack x x y x y y xy x + y − xy x ( 1 − y ) Similarly for subtrees rooted in a defense node Barbara Kordy 12

  17. Attack–defense Trees Example: probability for infecting a computer infect computer 0.669375 virus on system execute virus 0.74375 0.9 e-mail with attachment USB stick antivirus 0.5 0.75 0.15000000000000002 install antivirus run antivirus 0.8 0.25 fake antivirus 0.25 Barbara Kordy 13

  18. Attack–defense Trees Limitations The bottom-up procedure does not take dependencies between actions into account. However, in practice Installing and running an antivirus Distributing and executing a virus are not independent actions . Thus, the standard bottom-up evaluation is not suitable for probabilistic assessment of attack–defense trees. Barbara Kordy 14

  19. Attack–defense Trees Challenges 1 How to design the appropriate formalism ? 2 How to ensure that calculations reflect the reality ? 3 How to guarantee the efficiency of the evaluation? Barbara Kordy 15

  20. Probabilistic evaluation Proposed Framework [INS’16] security model ADTree

  21. Probabilistic evaluation Proposed Framework [INS’16] dependency model security model Bayesian network ADTree

  22. Probabilistic evaluation Proposed Framework [INS’16] dependency model security model Bayesian network ADTree probabilistic assessment of attack–defense scenarios with dependencies Barbara Kordy 16

  23. Probabilistic evaluation Modeling probability of dependent actions Bayesian network A directed, acyclic graph that reflects the conditional interdependencies between variables associated with the nodes of the network Dependent variables Conditional probability table for Y p ( Y = 1 | X = 1 ) = 0 . 7 p ( Y = 1 | X = 0 ) = 0 . 2 X Y p ( Y = 0 | X = 1 ) = 0 . 3 p ( Y = 0 | X = 0 ) = 0 . 8 Barbara Kordy 17

  24. Probabilistic evaluation Constructing Bayesian network BN t for ADTree t From an ADTree – ADTree t B – set of all non-refined nodes of t To a Bayesian network Elements of B are nodes of the Bayesian network BN t Relations between actions are depicted by edges in BN t Conditional probability tables quantify dependencies between actions Barbara Kordy 18

  25. Probabilistic evaluation Example: BN t for infecting a computer ADTree p ( X EA = 1 | X FA = 1 ) = 0 . 9 p ( X EA = 1 | X FA = 0 ) = 0 . 5 e-mail with attachment fake antivirus execute virus p ( X FA = 1 ) = 0 . 3 p ( X EV = 1 | X EA = 1 , X US = 1 ) = 0 . 9 USB stick p ( X EV = 1 | X EA = 1 , X US = 0 ) = 0 . 2 p ( X US = 1 | X FA = 1 ) = 0 . 4 p ( X EV = 1 | X EA = 0 , X US = 1 ) = 0 . 8 p ( X US = 1 | X FA = 0 ) = 0 . 5 p ( X EV = 1 | X EA = 0 , X US = 0 ) = 0 . 1 install antivirus run antivirus p ( X IA = 1 ) = 0 . 6 p ( X RA = 1 | X IA = 1 ) = 0 . 9 p ( X RA = 1 | X IA = 0 ) = 0 . 0 Barbara Kordy 19

  26. Probabilistic evaluation Joint probability distribution for network BN t e-mail with attachment fake antivirus execute virus USB stick install antivirus run antivirus p ( X EA , X US , X IA , X RA , X FA , X EV ) = p ( X EV | X EA , X US ) × p ( X EA | X FA ) × p ( X US | X FA ) × p ( X FA ) × p ( X RA | X IA ) × p ( X IA ) Barbara Kordy 20

  27. Probabilistic evaluation Propositional semantics using algebraic operations Non-refined OR AND Countermeasure t' t t A t'' t' t'' t' t'' f t ( A ) = A f t = f t ′ ∨ f t ′′ f t = f t ′ ∧ f t ′′ f t = f t ′ ∧ ¬ f t ′′ Barbara Kordy 21

  28. Probabilistic evaluation Propositional semantics using algebraic operations Non-refined OR AND Countermeasure t' t t A t'' t' t'' t' t'' f t ( A ) = A f t = f t ′ ∨ f t ′′ f t = f t ′ ∧ f t ′′ f t = f t ′ ∧ ¬ f t ′′ max { f t ′ , f t ′′ } f t ′ × f t ′′ f t ′ × ( 1 − f t ′′ ) id A Barbara Kordy 21

  29. Probabilistic evaluation Probability computation x ∈ { 0 , 1 } B – vector of successful/unsuccessful actions Probability of attack vector x f t ( x ) × p ( x ) Probability related to ADTree t � P ( t ) = f t ( x ) × p ( x ) x ∈{ 0 , 1 } B Probability of the most probable attack vector P max ( t ) = x ∈{ 0 , 1 } B f t ( x ) × p ( x ) max Barbara Kordy 22

  30. Probabilistic evaluation Compatibility results Theorem Probability computations on propositionally equivalent ADTrees yield the same result. Observation For ADTree t without dependent actions, P ( t ) coincides with the result of the bottom-up computation. Barbara Kordy 23

  31. Efficiency considerations Efficiency problems � P ( t ) = f t ( x ) × p ( x ) P max ( t ) = x ∈{ 0 , 1 } B f t ( x ) × p ( x ) max x ∈{ 0 , 1 } B The number of configurations x grows exponentially with the number of involved actions. For large systems, it is therefore not feasible to Enumerate all the values of f t Enumerate all the values of the joint probability distribution for BN t Barbara Kordy 24

  32. Efficiency considerations dependency model security model Bayesian network ADTree probabilistic assessment of attack–defense scenarios with dependencies

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Probabilistic Reasoning: Graphical Models Christian Borgelt Intelligent Data Analysis and

Probabilistic Reasoning: Graphical Models Christian Borgelt Intelligent Data Analysis and

Probabilistic Reasoning: Graphical Models Christian Borgelt Intelligent Data Analysis and Graphical Models Research Unit European Center for Soft Computing c/ Gonzalo Guti errez Quir os s/n, 33600 Mieres (Asturias), Spain

2.3k views • 181 slides
Undirected Graphical Models Michael Gutmann Probabilistic Modelling and Reasoning (INFR11134)

Undirected Graphical Models Michael Gutmann Probabilistic Modelling and Reasoning (INFR11134)

Undirected Graphical Models Michael Gutmann Probabilistic Modelling and Reasoning (INFR11134) School of Informatics, University of Edinburgh Spring semester 2018 Recap The number of free parameters in probabilistic models increases with

642 views • 51 slides
Expressive Power of Graphical Models Michael Gutmann Probabilistic Modelling and Reasoning

Expressive Power of Graphical Models Michael Gutmann Probabilistic Modelling and Reasoning

Expressive Power of Graphical Models Michael Gutmann Probabilistic Modelling and Reasoning (INFR11134) School of Informatics, University of Edinburgh Spring Semester 2020 Recap Need for efficient representation of probabilistic models

1.32k views • 44 slides
Expressive Power of Graphical Models Michael Gutmann Probabilistic Modelling and Reasoning

Expressive Power of Graphical Models Michael Gutmann Probabilistic Modelling and Reasoning

Expressive Power of Graphical Models Michael Gutmann Probabilistic Modelling and Reasoning (INFR11134) School of Informatics, University of Edinburgh Spring semester 2018 Recap Need for efficient representation of probabilistic models

559 views • 25 slides
Sampling Techniques for Probabilistic and Deterministic Graphical models ICS 276, Fall 2014

Sampling Techniques for Probabilistic and Deterministic Graphical models ICS 276, Fall 2014

Sampling Techniques for Probabilistic and Deterministic Graphical models ICS 276, Fall 2014 Bozhena Bidyuk Rina Dechter Reading Darwiche chapter 15, related papers Overview 1. Probabilistic Reasoning/Graphical models 2. Importance

923 views • 63 slides
Sampling Techniques for Probabilistic and Deterministic Graphical models ICS 276, Spring 2017

Sampling Techniques for Probabilistic and Deterministic Graphical models ICS 276, Spring 2017

Sampling Techniques for Probabilistic and Deterministic Graphical models ICS 276, Spring 2017 Bozhena Bidyuk Rina Dechter Reading Darwiche chapter 15, related papers Overview 1. Probabilistic Reasoning/Graphical models 2. Importance

1.03k views • 54 slides
Sampling Techniques for Probabilistic and Deterministic Graphical models ICS 276, Spring 2017

Sampling Techniques for Probabilistic and Deterministic Graphical models ICS 276, Spring 2017

Sampling Techniques for Probabilistic and Deterministic Graphical models ICS 276, Spring 2017 Bozhena Bidyuk Rina Dechter Reading Darwiche chapter 15, related papers Overview 1. Probabilistic Reasoning/Graphical models 2. Importance

889 views • 63 slides
Sampling Techniques for Probabilistic and Deterministic Graphical models ICS 276, Spring 2018

Sampling Techniques for Probabilistic and Deterministic Graphical models ICS 276, Spring 2018

Sampling Techniques for Probabilistic and Deterministic Graphical models ICS 276, Spring 2018 Bozhena Bidyuk Rina Dechter Reading Darwiche chapter 15, related papers slides11b 828X 2019 Algorithms for Reasoning with graphical models

1.12k views • 67 slides
Directed Graphical Models Michael Gutmann Probabilistic Modelling and Reasoning (INFR11134)

Directed Graphical Models Michael Gutmann Probabilistic Modelling and Reasoning (INFR11134)

Directed Graphical Models Michael Gutmann Probabilistic Modelling and Reasoning (INFR11134) School of Informatics, University of Edinburgh Spring semester 2018 Recap We talked about reasonably weak assumption to facilitate the efficient

1.18k views • 66 slides
Probabilistic Graphical Models Probabilistic Graphical Models Undirected Models Fall 2019

Probabilistic Graphical Models Probabilistic Graphical Models Undirected Models Fall 2019

Probabilistic Graphical Models Probabilistic Graphical Models Undirected Models Fall 2019 Siamak Ravanbakhsh Learning objectives Learning objectives Markov networks: how it represents a prob. dist. independence assumptions

941 views • 57 slides
Slides Set 11 (part a): Sampling Techniques for Probabilistic and Deterministic Graphical models

Slides Set 11 (part a): Sampling Techniques for Probabilistic and Deterministic Graphical models

Algorithms for Reasoning with graphical models Slides Set 11 (part a): Sampling Techniques for Probabilistic and Deterministic Graphical models Rina Dechter (Reading Darwiche chapter 15, related papers) slides11a 828X 2019 Sampling

1.05k views • 78 slides
Computer Science Let me be provocative Probabilistic graphical models is how we do probabilistic

Computer Science Let me be provocative Probabilistic graphical models is how we do probabilistic

Computer Science Let me be provocative Probabilistic graphical models is how we do probabilistic AI! Graphical models of variable-level (in)dependence are a broken abstraction. [VdB KRR15] Let me be provocative Probabilistic graphical models

782 views • 63 slides
Probabilistic Graphical Models Probabilistic Graphical Models Parameter learning in Bayesian

Probabilistic Graphical Models Probabilistic Graphical Models Parameter learning in Bayesian

Probabilistic Graphical Models Probabilistic Graphical Models Parameter learning in Bayesian networks Siamak Ravanbakhsh Fall 2019 Learning objectives Learning objectives likelihood function and MLE role of the sufficient statistics MLE for

644 views • 60 slides
Slides Set 9(part b): Sampling Techniques for Probabilistic and Deterministic Graphical models

Slides Set 9(part b): Sampling Techniques for Probabilistic and Deterministic Graphical models

Reasoning with graphical models Slides Set 9(part b): Sampling Techniques for Probabilistic and Deterministic Graphical models Rina Dechter (Reading Darwiche chapter 15, cutset-sampling paper posted) slides 9b 276 2020 Overview 1.

1.02k views • 63 slides
Probabilistic Graphical Models Probabilistic Graphical Models Variable elimination Siamak

Probabilistic Graphical Models Probabilistic Graphical Models Variable elimination Siamak

Probabilistic Graphical Models Probabilistic Graphical Models Variable elimination Siamak Ravanbakhsh Fall 2019 Learning objective Learning objective an intuition for inference in graphical models why is it difficult? exact inference by

1.49k views • 62 slides
Probabilistic Graphical Models Probabilistic Graphical Models Exponential family &

Probabilistic Graphical Models Probabilistic Graphical Models Exponential family &

Probabilistic Graphical Models Probabilistic Graphical Models Exponential family & Variational Inference I Siamak Ravanbakhsh Fall 2019 Learning objectives Learning objectives entropy exponential family distribution duality in

1.38k views • 85 slides
Unique equilibrium states for geodesic flows in nonpositive curvature Todd Fisher Department of

Unique equilibrium states for geodesic flows in nonpositive curvature Todd Fisher Department of

Unique equilibrium states for geodesic flows in nonpositive curvature Todd Fisher Department of Mathematics Brigham Young University Fractal Geometry, Hyperbolic Dynamics and Thermodynamical Formalism Joint work with K. Burns, V. Climenhaga,

597 views • 40 slides
Product Development Dilemma Product Development Dilemma

Product Development Dilemma Product Development Dilemma

A Revolutionary Solution for A Revolutionary Solution for Unified RF System and Circuit Unified RF System and Circuit Design Design EDP-2002 Conference Monterey, California April 21-23 James Spoto President and CEO AWR Product

172 views • 6 slides
Preparing for the Unexpected Samuel Parkinson samuel.parkinson@ft.com #qconlondon

Preparing for the Unexpected Samuel Parkinson samuel.parkinson@ft.com #qconlondon

Preparing for the Unexpected Samuel Parkinson samuel.parkinson@ft.com #qconlondon #prepfortheunexpected Photo by Hush Naidoo on Unsplash #qconlondon #prepfortheunexpected #qconlondon #prepfortheunexpected Lets start with a story

1.96k views • 181 slides
Multiclass Boosting with Repartitioning Ling Li Learning Systems Group, Caltech ICML 2006

Multiclass Boosting with Repartitioning Ling Li Learning Systems Group, Caltech ICML 2006

Introduction Multiclass Boosting Repartitioning Experiments Summary Multiclass Boosting with Repartitioning Ling Li Learning Systems Group, Caltech ICML 2006 Introduction Multiclass Boosting Repartitioning Experiments Summary Binary

545 views • 23 slides
Consistent Multitask Learning with Nonlinear Output Constraints Carlo Ciliberto Department of

Consistent Multitask Learning with Nonlinear Output Constraints Carlo Ciliberto Department of

Consistent Multitask Learning with Nonlinear Output Constraints Carlo Ciliberto Department of Computer Science, UCL joint work w/ Alessandro Rudi, Lorenzo Rosasco and Massi Pontil Multitask Learning (MTL) MTL Mantra : leverage the similarities

329 views • 22 slides
Modeling Cache Sharing for MPI Programs on Multi-core Machines Bin Bao, Chen Ding University of

Modeling Cache Sharing for MPI Programs on Multi-core Machines Bin Bao, Chen Ding University of

Modeling Cache Sharing for MPI Programs on Multi-core Machines Bin Bao, Chen Ding University of Rochester Nov 10, 2011 The 10th Workshop On

346 views • 20 slides
Dynamic Response of a Large-scale Prestressed Concrete Girder Bridge Subjected to Hurricane Wave

Dynamic Response of a Large-scale Prestressed Concrete Girder Bridge Subjected to Hurricane Wave

Civil & Environmental Engineering Session: Bridge Survivability under Extreme Multi-Hazard Loading Dynamic Response of a Large-scale Prestressed Concrete Girder Bridge Subjected to Hurricane Wave Forces Thomas Schumacher, University of

397 views • 29 slides
Threshold adaptation and its time course Ming Xiang; Chris Kennedy; Allison Kramer

Threshold adaptation and its time course Ming Xiang; Chris Kennedy; Allison Kramer

Threshold adaptation and its time course Ming Xiang; Chris Kennedy; Allison Kramer University of Chicago The larger question What principles govern decisions about uncertain features of meaning in a speech situation? This is a

466 views • 43 slides

More recommend