squeezing state spaces of attack defence trees
play

Squeezing State Spaces of (Attack-Defence) Trees l Knapik 1 Wojciech - PowerPoint PPT Presentation

Aug 14, 2023 •140 likes •388 views

Squeezing State Spaces of (Attack-Defence) Trees l Knapik 1 Wojciech Penczek 1 Micha Laure Petrucci 2 Teofil Sidoruk 1 1 Institute of Computer Science, Polish Academy of Sciences 2 LIPN, CNRS UMR 7030, Universit e Sorbonne Paris Nord LAMAS

  1. Squeezing State Spaces of (Attack-Defence) Trees l Knapik 1 Wojciech Penczek 1 Micha� Laure Petrucci 2 Teofil Sidoruk 1 1 Institute of Computer Science, Polish Academy of Sciences 2 LIPN, CNRS UMR 7030, Universit´ e Sorbonne Paris Nord LAMAS May 10, 2020 M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 1 / 11

  2. Motivation Attack-Defence Trees [Kordy et al., 2011, Aslanyan and Nielson, 2015] allow for studying interactions between attacker and defender parties: ◮ performance ◮ feasibility An agent-aware model ◮ asynchronous multi-agent systems, an automata-based formalism [Jamroga et al., 2018] ◮ extended with attributes and functions ◮ quantitative and qualitative analysis M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 2 / 11

  3. Attack-Defence Trees Name Cost Time TS (treasure stolen) TS p (police) e 100 10 min TF (thieves fleeing) ST (steal treasure) 2 min p TF b (bribe gatekeeper) e 500 1 h f (force arm. door) e 100 2 h GA (get away) ST GA h (helicopter) e 500 3 min e (emergency exit) 10 min e b f h Condition for TS: init time ( p ) > init time ( ST ) + time ( GA ) M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 3 / 11

  4. Exhaustive analysis ◮ Build the EAMAS by replacing each ADTree node by an automaton ◮ State space explosion Modelling with reduced patterns [Arias et al., 2019] ? a 2 ok A l 1 l 2 · · · l n l A k o 1 a ? A ! A ok ? a 1 nok l 0 ? a 2 nok a 1 a n · · · . . ? a n nok . l ′ ! A nok 1 M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 4 / 11

  5. Exhaustive analysis ◮ Build the EAMAS by replacing each ADTree node by an automaton ◮ State space explosion Modelling with reduced patterns [Arias et al., 2019] ? a 2 ok A l 2 · · · l n l 1 l A k o 1 a ? A ! A ok ? a 1 nok l 0 ? a 2 nok a 1 · · · a n . . ? a n nok . l ′ ! A nok 1 M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 4 / 11

  6. Exhaustive analysis ◮ Build the EAMAS by replacing each ADTree node by an automaton ◮ State space explosion Modelling with reduced patterns [Arias et al., 2019] Goes beyond POR! ? a 2 ok A l 1 l 2 · · · l n l A k o a 1 ? A ! A ok ? a 1 nok l 0 ? a 2 nok a 1 a n · · · . . ? a n nok . l ′ ! A nok 1 M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 4 / 11

  7. Exhaustive analysis ◮ Build the EAMAS by replacing each ADTree node by an automaton ◮ State space explosion Modelling with reduced patterns [Arias et al., 2019] Goes beyond POR! ? a 2 ok A l 1 l 2 · · · l n l A k o a 1 ? A ! A ok ? a 1 nok l 0 ? a 2 nok a 1 a n · · · . . ? a n nok . l ′ ! A nok 1 Patterns state space reduction is not enough! M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 4 / 11

  8. Outline Guarded Update Systems 1 General Definition Properties for Tree Topologies Layered Reduction for Trees 2 Experiments 3 Conclusion & Perspectives 4 M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 5 / 11

  9. Guarded Update Systems Asynchronous product of automata equipped with: ◮ integer variables ◮ guards: boolean formulae over linear terms on variables ◮ updates: assignments obtained by functions over variables ◮ in synchronised transitions, a variable should not be updated more than once GUS synchronisation topology ◮ nodes: individual automata ◮ edges: connect nodes that share a synchronised transition M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 6 / 11

  10. Guarded Update Systems Asynchronous product of automata equipped with: ◮ integer variables ◮ guards: boolean formulae over linear terms on variables ◮ updates: assignments obtained by functions over variables ◮ in synchronised transitions, a variable should not be updated more than once GUS synchronisation topology ◮ nodes: individual automata ◮ edges: connect nodes that share a synchronised transition M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 6 / 11

  11. Properties for Tree Topologies Precedence Actions synchronised with children actions occur before the other ones Root-directed Synchronisation Tree Precedence is satisfied for the whole tree Update separability ◮ a variable is updated in at most one component ◮ it is tested only in the ancestors of this component in the tree ADTrees topologies are root-directed and update-separable M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 7 / 11

  12. Properties for Tree Topologies Precedence Actions synchronised with children actions occur before the other ones Root-directed Synchronisation Tree Precedence is satisfied for the whole tree Update separability ◮ a variable is updated in at most one component ◮ it is tested only in the ancestors of this component in the tree ADTrees topologies are root-directed and update-separable M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 7 / 11

  13. Layered Reduction for Trees ? out 1 ? out 2 v ≥ 0 l 0 l 1 l 2 M F ? in 2 ? in 3 ? in 1 l 0 l 1 l 0 l 1 l 2 M N 1 M N 2 ! out 1 ? in 4 ! out 2 ! in 1 ! in 4 ! in 2 ! in 3 l 0 l 0 l 1 l 2 l 0 v := 1 M C 1 M C 2 M C 3 State space size Full: 14 states, 19 edges Reduced: 12 states, 14 edges M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 8 / 11

  14. Layered Reduction for Trees ? out 1 ? out 2 , d 1 := d 1 + 2 v ≥ 0 l 0 l 1 l 2 M F ? in 3 , d 2 := d 2 + 2 ? in 2 ? in 1 , d 2 := d 2 + 1 l 0 l 1 l 0 l 1 l 2 M N 1 M N 2 ! out 1 ? in 4 , d 2 := d 2 + 2 ! out 2 ! in 1 ! in 4 ! in 2 ! in 3 l 0 l 0 l 1 l 2 l 0 v := 1 M C 1 M C 2 M C 3 State space size Full: 14 states, 19 edges Reduced: 12 states, 14 edges M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 8 / 11

  15. Layered Reduction for Trees ? out 1 ? out 2 , d 1 := d 1 + 2 v ≥ 0 l 0 l 1 l 2 M F ? in 3 , d 2 := d 2 + 2 ? in 2 ? in 1 , d 2 := d 2 + 1 l 0 l 1 l 0 l 1 l 2 M N 1 M N 2 d 2 = 3 , ! out 1 ? in 4 , d 2 := d 2 + 2 d 2 = 3 , ! out 2 ! in 1 ! in 4 ! in 2 ! in 3 l 0 l 0 l 1 l 2 l 0 v := 1 M C 1 M C 2 M C 3 State space size Full: 14 states, 19 edges Reduced: 12 states, 14 edges M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 8 / 11

  16. Layered Reduction for Trees ? out 1 ? out 2 , d 1 := d 1 + 2 v ≥ 0 l 0 l 1 l 2 M F ? in 3 , d 2 := d 2 + 2 ? in 2 ? in 1 , d 2 := d 2 + 1 l 0 l 1 l 0 l 1 l 2 M N 1 M N 2 d 2 = 3 , ! out 1 ? in 4 , d 2 := d 2 + 2 d 2 = 3 , ! out 2 ! in 1 ! in 4 ! in 2 ! in 3 l 0 l 0 l 1 l 2 l 0 v := 1 M C 1 M C 2 M C 3 State space size Full: 14 states, 19 edges Reduced: 12 states, 14 edges M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 8 / 11

  17. Experiments Experimental setup ◮ model-checker IMITATOR (http://imitator.fr) ◮ 2 . 7 GHz Intel Core i7, with 16 GB of memory ◮ timeout of 30 minutes Some case studies applying both reductions vs. patterns vs. full Case study % size % reduction % size % reduction treasure-hunters 47 . 44 % 52 . 56 % 13 . 26 % 86 . 74 % forestall 24 . 97 % 75 . 03 % 2 . 37 % 97 . 63 % iot-dev 40 . 90 % 59 . 10 % 8 . 53 % 91 . 47 % gain-admin No Timeout! M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 9 / 11

  18. Experiments Experimental setup ◮ model-checker IMITATOR (http://imitator.fr) ◮ 2 . 7 GHz Intel Core i7, with 16 GB of memory ◮ timeout of 30 minutes Some case studies applying both reductions vs. patterns vs. full Case study % size % reduction % size % reduction treasure-hunters 47 . 44 % 52 . 56 % 13 . 26 % 86 . 74 % forestall 24 . 97 % 75 . 03 % 2 . 37 % 97 . 63 % iot-dev 40 . 90 % 59 . 10 % 8 . 53 % 91 . 47 % gain-admin No Timeout! M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 9 / 11

  19. Scaling up Experiments Scalability of different reductions (2 child nodes) 10000000 1000000 100000 10000 1000 100 10 1 depth 4 4 6 8 4 6 8 10 4 6 8 10 4 6 8 10 4 6 8 4 6 4 4 width 2 3 3 3 4 4 4 4 5 5 5 5 6 6 6 6 7 7 7 8 8 9 10 ADT nodes 7 9 13 15 11 15 17 23 13 17 19 25 15 19 21 27 17 21 23 19 23 21 23 both S both T patterns S patterns T layers S layers T no reduction S no reduction T M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 10 / 11

  20. Conclusion & Perspectives Summary ◮ A framework for model-checking systems that manipulate data ◮ Layered reduction approach to harness state space explosion ◮ Gains confirmed by extensive experiments on Attack-Defence Trees Future work ◮ Extend the approach to DAGs ◮ Take into account the assignment of agents to ADTree nodes ◮ Study other application domains exhibiting such topologies (e.g. workflows) ◮ Use as a basis for a compositional and parallel analysis M. Knapik, W. Penczek, L. Petrucci, T. Sidoruk Squeezing State Spaces of (AD)Trees LAMAS, May 2020 11 / 11

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

New Defence Perspective New Defence Perspective New Defence Perspective New Defence Perspective

New Defence Perspective New Defence Perspective New Defence Perspective New Defence Perspective

New Defence Perspective New Defence Perspective New Defence Perspective New Defence Perspective Innovative technology, knowledge, problem solving are critical for Canada and its allies to mitigate new threats, stay ahead of potential

469 views • 18 slides
Covert channels in TCP/IP: attack and defence The creation and detection of TCP/IP steganography

Covert channels in TCP/IP: attack and defence The creation and detection of TCP/IP steganography

Covert channels in TCP/IP: attack and defence The creation and detection of TCP/IP steganography for covert channels and device fingerprinting Steven J. Murdoch and Stephen Lewis http://www.cl.cam.ac.uk/users/ { sjm217 , srl32 } Computer

1.12k views • 37 slides
Covert channels in TCP/IP: attack and defence The creation and detection of TCP/IP steganography

Covert channels in TCP/IP: attack and defence The creation and detection of TCP/IP steganography

Covert channels in TCP/IP: attack and defence The creation and detection of TCP/IP steganography for covert channels and device fingerprinting Steven J. Murdoch and Stephen Lewis http://www.cl.cam.ac.uk/users/ { sjm217 , srl32 } Computer

915 views • 36 slides
Squeezing Information from Data at Exascale Joel Saltz Emory University Georgia Tech Squeezing

Squeezing Information from Data at Exascale Joel Saltz Emory University Georgia Tech Squeezing

Squeezing Information from Data at Exascale Joel Saltz Emory University Georgia Tech Squeezing Information from Temporal Spatial Datasets Leverage exascale data and 2 computer resources to squeeze the most out of image, sensor or

642 views • 36 slides
Study and experiment on the alternative technique of frequencydependent squeezing generation

Study and experiment on the alternative technique of frequencydependent squeezing generation

Study and experiment on the alternative technique of frequencydependent squeezing generation with EPR entanglement for next generation of gravitational wave detectors. Mateusz Bawaj on behalf of Virgo squeezing team Noise sources in Adv

248 views • 11 slides
Making choices in multi-dimensional parameter spaces PhD thesis defence Steven Bergner Model

Making choices in multi-dimensional parameter spaces PhD thesis defence Steven Bergner Model

Making choices in multi-dimensional parameter spaces PhD thesis defence Steven Bergner Model adjustment at different levels User-driven experimentation: Use cases for paraglide Criteria optimization: Lighting design Theoretical

1.98k views • 143 slides
WELCOME Les Shearn Alliance Facilitator Defence Teaming Centre Defence Industry Liaison

WELCOME Les Shearn Alliance Facilitator Defence Teaming Centre Defence Industry Liaison

WELCOME Les Shearn Alliance Facilitator Defence Teaming Centre Defence Industry Liaison Officer - Defence SA 1 DEFENCE SA A SOUTH AUSTRALIAN GOVERNMENT AGENCY MISSION Facilitate the growth of Defence and sustainable defence industries in

457 views • 13 slides
Lecture 1: Trees, tree metric and tree spaces Piotr Zwiernik University of Genoa Algebraic

Lecture 1: Trees, tree metric and tree spaces Piotr Zwiernik University of Genoa Algebraic

Introduction Trees Tree metrics Phylogenetic oranges Tree correlations Further concepts Lecture 1: Trees, tree metric and tree spaces Piotr Zwiernik University of Genoa Algebraic Statistics 2015 Genova June 11, 2015 Lecture 1: Trees,

976 views • 85 slides
Assisted Generation of Attack Trees : the ATSyRAprototype Sophie Pinchinat joint work with

Assisted Generation of Attack Trees : the ATSyRAprototype Sophie Pinchinat joint work with

Assisted Generation of Attack Trees : the ATSyRAprototype Sophie Pinchinat joint work with Mathieu Acher and Didier Vojtisek Universit e de Rennes 1 GraMSec, 13 July 2015 Outline Introductory example 1 Goal decomposition High-level

798 views • 32 slides
Search in State Spaces 26th September 2019 Petter Kristiansen Search in State Spaces Many

Search in State Spaces 26th September 2019 Petter Kristiansen Search in State Spaces Many

Search in State Spaces 26th September 2019 Petter Kristiansen Search in State Spaces Many problems can be solved by using some form of search in a state space. We look at the following methods: Backtracking (Ch. 10)

476 views • 44 slides
Decision Trees and Nave Bayes 3/29/17 Hypothesis Spaces Decision Trees and K-Nearest

Decision Trees and Nave Bayes 3/29/17 Hypothesis Spaces Decision Trees and K-Nearest

Decision Trees and Nave Bayes 3/29/17 Hypothesis Spaces Decision Trees and K-Nearest Neighbors Continuous inputs Discrete outputs Nave Bayes Discrete inputs Discrete outputs Building a Decision Tree Greedy algorithm:

468 views • 17 slides
HOROCYCLIC PRODUCTS OF TREES AND HYPERBOLIC SPACES Wolfgang WOESS Graz University of Technology,

HOROCYCLIC PRODUCTS OF TREES AND HYPERBOLIC SPACES Wolfgang WOESS Graz University of Technology,

HOROCYCLIC PRODUCTS OF TREES AND HYPERBOLIC SPACES Wolfgang WOESS Graz University of Technology, Austria (No kangaroos in Austria !) 1 1. Treebolic spaces H = { x + i y : x R , y > 0 } hyperbolic upper half space, T = T q homogeneous

519 views • 19 slides
( ( ) ) ( ) ( ) = = Work = h log t n B- B -Trees Trees B B- -Trees

( ( ) ) ( ) ( ) = = Work = h log t n B- B -Trees Trees B B- -Trees

B- B -Trees Trees B B- -Trees Trees Search for key R ( ( ) ) ( ) ( ) = = Work = h log t n B- B -Trees Trees B B- -Trees Trees Each Disk-Read or Disk-Write = one Basic unit of work O(1) Typical Node x

287 views • 4 slides
Causal Model Extraction from Attack Trees to Attribute Malicious Insider Attacks Amjad Ibrahim,

Causal Model Extraction from Attack Trees to Attribute Malicious Insider Attacks Amjad Ibrahim,

Causal Model Extraction from Attack Trees to Attribute Malicious Insider Attacks Amjad Ibrahim, Simon Rehwald, Antoine Scemama, Florian Andres, Alexander Pretschner Technische Universitt Mnchen Department of Informatics Chair of Software

512 views • 24 slides
Combinatorics of spaces of trees: an application of topology to phylogenetics Curran N. McConnell

Combinatorics of spaces of trees: an application of topology to phylogenetics Curran N. McConnell

Combinatorics of spaces of trees: an application of topology to phylogenetics Curran N. McConnell Dalhousie University Categorical Approaches to Topology and Geometry, CMS Summer Meeting 2019 How phylogenetics works Discover when species

719 views • 56 slides
6.1 Representation of State Spaces 5.7. Foundations 5. State Spaces 6.

6.1 Representation of State Spaces 5.7. Foundations 5. State Spaces 6.

Foundations of Artificial Intelligence March 4, 2016 6. State-Space Search: Representation of State Spaces Foundations of Artificial Intelligence 6.1 Representation of State Spaces 6. State-Space Search: Representation of State Spaces 6.2

188 views • 4 slides
Software Security CSM27 Computer Security Dr Hans Georg Schaathun University of Surrey Autumn

Software Security CSM27 Computer Security Dr Hans Georg Schaathun University of Surrey Autumn

Software Security CSM27 Computer Security Dr Hans Georg Schaathun University of Surrey Autumn 2008 Week 9 Dr Hans Georg Schaathun Software Security Autumn 2008 Week 9 1 / 30 The session Outline The session 1 Examples 2

2.26k views • 40 slides
Overview of HPM as a Pulsed Overview of HPM as a Pulsed Power Application at FOI Power

Overview of HPM as a Pulsed Overview of HPM as a Pulsed Power Application at FOI Power

Overview of HPM as a Pulsed Overview of HPM as a Pulsed Power Application at FOI Power Application at FOI Sten E Nyholm , Mose Akyuz, Patrik Appelgren, Mattias Elfsberg, Sten E Nyholm , Mose Akyuz, Patrik Appelgren, Mattias Elfsberg, Tomas

639 views • 26 slides
Presentation of the MSFR reactor concept Presentation of the MSFR reactor concept E. MERLE-LUCOTTE

Presentation of the MSFR reactor concept Presentation of the MSFR reactor concept E. MERLE-LUCOTTE

Presentation of the MSFR reactor concept Presentation of the MSFR reactor concept E. MERLE-LUCOTTE Professor at CNRS-IN2P3-LPSC / Grenoble INP - PHELMA For the MSFR team - M. ALLI BERT, M. AUFI ERO, M. BROVCHENKO, D. HEUER, V. GHETTA, A.

201 views • 16 slides
Language/OS Based Security 1 Infrastructure 2 Security Abstraction Layers 3 OS Security

Language/OS Based Security 1 Infrastructure 2 Security Abstraction Layers 3 OS Security

Language/OS Based Security 1 Infrastructure 2 Security Abstraction Layers 3 OS Security Control 4 Abstraction Imperfections OS: Each process has exclusive access to its own CPU and memory Illusion!! A process may be able to

429 views • 21 slides
Examines Americas foreign economic objectives, assesses the role and depth of corporate

Examines Americas foreign economic objectives, assesses the role and depth of corporate

Jan 30, Feb 1 US Power and Multinational Corporations Examines Americas foreign economic objectives, assesses the role and depth of corporate influence in the policy-making process, and examines US concerns, attitudes, and policies as the

509 views • 14 slides
Server -side security risks (esp sp. . injection jection atta ttacks) s) websec 1 Attacks

Server -side security risks (esp sp. . injection jection atta ttacks) s) websec 1 Attacks

Web Securi rity ty Server -side security risks (esp sp. . injection jection atta ttacks) s) websec 1 Attacks on the web server malicious input web server er output This can be attacks on Availability: i.e. DoS attack, where attacker

1.86k views • 79 slides
Vienna PhD School of Informatics www.informatik.tuwien.ac.at/phdschool M. C. Calatrava, H.

Vienna PhD School of Informatics www.informatik.tuwien.ac.at/phdschool M. C. Calatrava, H.

Vienna PhD School of Informatics www.informatik.tuwien.ac.at/phdschool M. C. Calatrava, H. Werthner Outline Objectives and design Some results First summary Objectives Structured full-time program with scientific focus Focus on

551 views • 15 slides
The Case for Cloud Robotics and Real-Time Big Data Richard Voyles Program Director, National

The Case for Cloud Robotics and Real-Time Big Data Richard Voyles Program Director, National

Robotics as a Singularity: The Case for Cloud Robotics and Real-Time Big Data Richard Voyles Program Director, National Science Foundation Computer & Information Science and Engineering Directorate August 17, 2013 Risk-Averse

704 views • 28 slides

More recommend