Your search keyword '"graphical security models"' showing total 11 results

1. Toward Automated Security Analysis and Enforcement for Cloud Computing Using Graphical Models for Security

Author

Seongmo An, Asher Leung, Jin B. Hong, Taehoon Eom, and Jong Sou Park

Subjects

Cloud computing, cloud security, graphical security models, security assessment, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Cloud computing has become widely adopted by businesses for hosting applications with improved performance at a fraction of the operational costs and complexity. The rise of cloud applications has been coupled with an increase in security threat vectors and vulnerabilities. In this paper, we propose a new security assessment and enforcement tool for the cloud named CloudSafe, which provides an automated security assessment and enforce best security control for the cloud by collating various security tools. To demonstrate the applicability and usability of CloudSafe, we implemented CloudSafe and conducted security assessment in Amazon AWS. Also, we analyzed four different security countermeasure options in depth; Vulnerability Patching, Virtual Patching, Network Hardening and Moving Target Defence. Virtual Patching, Network Hardening and Moving Target Defence were determined to be feasible with regards to deployment implementation for the project. Proof of concepts were developed demonstrating the effectiveness of each feasible countermeasure option. These results indicate that the proposed tool CloudSafe is effective and efficient in helping security administrators to select optimal countermeasures to secure their cloud by conducting an in-depth security assessment.

Published

2022

2. Survey: Automatic generation of attack trees and attack graphs

Author

Konsta, Alyzia-Maria, Lluch Lafuente, Alberto, Spiga, Beatrice, Dragoni, Nicola, Konsta, Alyzia-Maria, Lluch Lafuente, Alberto, Spiga, Beatrice, and Dragoni, Nicola

Abstract

Graphical security models constitute a well-known, user-friendly way to represent the security of a system. These classes of models are used by security experts to identify vulnerabilities and assess the security of a system. The manual construction of these models can be tedious, especially for large enterprises. Consequently, the research community is trying to address this issue by proposing methods for the automatic generation of such models. In this work, we present a survey illustrating the current status of the automatic generation of two popular kinds of graphical security models: Attack Trees and Attack Graphs. The goal of this survey is to present the current methodologies used in the field, compare them, and present the challenges and future directions to the research community.

Published

2024

3. Proactive Defense for Internet-of-things: Moving Target DefenseWith Cyberdeception.

Author

MENGMENG GE, JIN-HEE CHO, DONGSEONG KIM, GAURAV DIXIT, and ING-RAY CHEN

Subjects

WIRELESS sensor networks, HYBRID systems, SOFTWARE-defined networking, GENETIC algorithms

Abstract

Resource constrained Internet-of-Things (IoT) devices are highly likely to be compromised by attackers, because strong security protections may not be suitable to be deployed. This requires an alternative approach to protect vulnerable components in IoT networks. In this article, we propose an integrated defense technique to achieve intrusion prevention by leveraging cyberdeception (i.e., a decoy system) and moving target defense (i.e., network topology shuffling). We evaluate the effectiveness and efficiency of our proposed technique analytically based on a graphical security model in a software-defined networking (SDN)-based IoT network. We develop four strategies (i.e., fixed/random and adaptive/hybrid) to address “when” to perform network topology shuffling and three strategies (i.e., genetic algorithm/decoy attack path-based optimization/random) to address “how” to perform network topology shuffling on a decoy-populated IoT network, and we analyze which strategy can best achieve a system goal, such as prolonging the system lifetime, maximizing deception effectiveness, maximizing service availability, or minimizing defense cost. We demonstrated that a softwaredefined IoT network running our intrusion prevention technique at the optimal parameter setting prolongs system lifetime, increases attack complexity of compromising critical nodes, and maintains superior service availability compared with a counterpart IoT network without running our intrusion prevention technique. Further, when given a single goal or a multi-objective goal (e.g., maximizing the system lifetime and service availability while minimizing the defense cost) as input, the best combination of “when” and “how” strategies is identified for executing our proposed technique under which the specified goal can be best achieved. [ABSTRACT FROM AUTHOR]

Published

2021

4. A Systematic Approach to Threat Modeling and Security Analysis for Software Defined Networking

Author

Taehoon Eom, Jin B. Hong, Seongmo An, Jong Sou Park, and Dong Seong Kim

Subjects

Attack graphs, graphical security models, security analysis, software defined networking, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Software Defined Networking (SDN) extends capabilities of existing networks by providing various functionalities, such as flexible networking controls. However, there are many security threat vectors in SDN, including existing and emerging ones arising from new functionalities, that may hinder the use of SDN. To tackle this problem, many countermeasures have been developed to mitigate various threats faced in SDN. However, their effectiveness must be analyzed and compared to fully understand how security posture of SDN changes when the countermeasure is adopted. Also, it becomes difficult to optimize the security of SDN without using a systematic approach to evaluate the security posture of SDN. In this paper, we propose a novel framework to systematically model and analyze the security posture of SDN. We develop a novel graphical security model formalism named Threat Vector Hierarchical Attack Representation Model (TV-HARM), which provides a systematic approach to evaluate threats, attacks and countermeasures for SDN. The TV-HARM captures different threats and their combinations, enabling security risk assessment of SDN. In addition, we define three new security metrics to represent security of SDN. Our experimental results showed that the proposed security assessment framework can capture and evaluate various security threats to SDN, demonstrating the applicability and feasibility of the proposed framework.

Published

2019

5. Effective Security Analysis for Combinations of MTD Techniques on Cloud Computing (Short Paper)

Author

Alavizadeh, Hooman, Kim, Dong Seong, Hong, Jin B., Jang-Jaccard, Julian, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Liu, Joseph K., editor, and Samarati, Pierangela, editor

Published

2017

6. Stochastic-based Semantics Of Attack-Defense Trees For Security Assessment.

Author

Lounis, Karim

Subjects

DATA security, STOCHASTIC analysis, METHODOLOGY, DATA protection, MATHEMATICAL analysis

Abstract

Losses caused by cyber-attacks are considerably increasing each year. The need for an optimal security assessment methodology that combines mathematical foundations with practical and user-friendly representations has become imperatively crucial. In this paper, we propose a stochastic security assessment methodology that adopts attack-defense trees model to represent security scenarios, and stochastic models to perform both qualitative and quantitative assessment. We illustrate our approach with a simple but realistic example study. [ABSTRACT FROM AUTHOR]

Published

2018

7. Variability meets Security: Quantitative security modeling and analysis of highly customizable attack scenarios

Author

ter Beek, Maurice H., Legay, Axel, Lluch Lafuente, Alberto, Vandin, Andrea, ter Beek, Maurice H., Legay, Axel, Lluch Lafuente, Alberto, and Vandin, Andrea

Abstract

We present a framework for quantitative security modeling and analysis of highly customizable attack scenarios, which resulted as a spin-off from our research in software product line engineering. The graphical security models are based on attributed attack-defense diagrams to capture the structure and properties of vulnerabilities, defenses and countermeasures-with notable similarities to feature diagrams-and on probabilistic models of attack behavior, capable of capturing resource constraints and attack effectiveness. In this paper, we provide an overview of the framework that is described in full technical detail in twin papers, which present the formal syntax and semantics of the domain-specific language and showcase the associated tool with advanced IDE support for performing analyses based on statistical model checking. The properties of interest range from average cost and success probability of attacks to the effectiveness of defenses and countermeasures. Here we illustrate the capabilities of the DSL and the tool by applying them to an example scenario from the security domain. This shows how techniques from variability modeling can be applied to security. We conclude with a vision and roadmap for future research.

Published

2020

8. Advanced metering infrastructures - security risks and mitigation

Author

Konstantinos-Panagiotis Grammatikakis, Stavros Shiaeles, Ioannis Koufos, Gueltoum Bendiab, and Nicholas Kolokotronis

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Computer Networks and Communications, Smart meter, Computer science, 0211 other engineering and technologies, Context (language use), 02 engineering and technology, Intrusion detection system, Cyber-security, Computer security, computer.software_genre, Order (exchange), noissn, Graphical security models, 0202 electrical engineering, electronic engineering, information engineering, Intrusion detection, Consumption (economics), 021110 strategic, defence & security studies, 020206 networking & telecommunications, Computer security model, Variety (cybernetics), Attack mitigation, Human-Computer Interaction, Power grid, Software deployment, Malware detection, Computer Vision and Pattern Recognition, computer, Cryptography and Security (cs.CR), Software

Abstract

Energy providers are moving to the smart meter era, encouraging consumers to install, free of charge, these devices in their homes, automating consumption readings submission and making consumers life easier. However, the increased deployment of such smart devices brings a lot of security and privacy risks. In order to overcome such risks, Intrusion Detection Systems are presented as pertinent tools that can provide network-level protection for smart devices deployed in home environments. In this context, this paper is exploring the problems of Advanced Metering Infrastructures (AMI) and proposing a novel Machine Learning (ML) Intrusion Prevention System (IPS) to get optimal decisions based on a variety of factors and graphical security models able to tackle zero-day attacks.

Published

2020

9. Variability meets Security: Quantitative security modeling and analysis of highly customizable attack scenarios

Author

Beek, Maurice H. ter, Legay, Axel, Lafuente, Alberto Lluch, Vandin, Andrea, VaMoS '20: 14th International Working Conference on Variability Modelling of Software-Intensive Systems, and UCL - SST/ICTM/INGI - Pôle en ingénierie informatique

Subjects

Structure (mathematical logic), Quantitative security, business.industry, Computer science, Probabilistic logic, Security domain, 020207 software engineering, Attack-defense trees, Formal analysis tools, Graphical security models, Statistical model checking, Variability models, 02 engineering and technology, Computer security model, Semantics, Formal grammar, Digital subscriber line, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Software engineering, business, Software product line

Abstract

We present a framework for quantitative security modeling and analysis of highly customizable attack scenarios, which resulted as a spin-off from our research in software product line engineering. The graphical security models are based on attributed attack-defense diagrams to capture the structure and properties of vulnerabilities, defenses and countermeasures - with notable similarities to feature diagrams - and on probabilistic models of attack behavior, capable of capturing resource constraints and attack effectiveness. In this paper, we provide an overview of the framework that is described in full technical detail in twin papers, which present the formal syntax and semantics of the domain-specific language and showcase the associated tool with advanced IDE support for performing analyses based on statistical model checking. The properties of interest range from average cost and success probability of attacks to the effectiveness of defenses and countermeasures. Here we illustrate the capabilities of the DSL and the tool by applying them to an example scenario from the security domain. This shows how techniques from variability modeling can be applied to security. We conclude with a vision and roadmap for future research.

Published

2020

10. CloudSafe: A Tool for an Automated Security Analysis for Cloud Computing

Author

Dong Seong Kim, Noora Fetais, Taehoon Eom, Jin B. Hong, Armstrong Nhlabatsi, Jong Sou Park, Khaled M. Khan, and Seongmo An

Subjects

FOS: Computer and information sciences, Security analysis, Computer Science - Cryptography and Security, Exploit, Process (engineering), Computer science, Cloud computing, 0102 computer and information sciences, 02 engineering and technology, Computer security, computer.software_genre, 01 natural sciences, Graphical security models, 0202 electrical engineering, electronic engineering, information engineering, Cloud computing security, business.industry, 020206 networking & telecommunications, Security assessment, Computer security model, Cloud service provider, 010201 computation theory & mathematics, Cloud security, business, computer, Cryptography and Security (cs.CR)

Abstract

Cloud computing has been adopted widely, providing on-demand computing resources to improve performance and reduce operational costs. However, these new functionalities also bring new ways to exploit the cloud computing environment. To assess the security of the cloud, graphical security models can be used, such as Attack Graphs and Attack Trees. However, existing models do not consider all types of threats, and also automating the security assessment functions are difficult. In this paper, we propose a new security assessment tool for the cloud named CloudSafe, an automated security assessment for the cloud. The CloudSafe tool collates various tools and frameworks to automate the security assessment process. To demonstrate the applicability of the CloudSafe, we conducted security assessment in Amazon AWS, where our experimental results showed that we can effectively gather security information of the cloud and carry out security assessment to produce security reports. Users and cloud service providers can use the security report generated by the CloudSafe to understand the security posture of the cloud being used/provided. - 2019 IEEE. This paper was made possible by Grant NPRP 8-531-1-111 from Qatar National Research Fund (QNRF). The statements made herein are solely the responsibility of the authors. Scopus

Published

2019

11. Stochastic-based Semantics Of Attack-Defense Trees For Security Assessment

Author

Lounis, Karim and Lounis, Karim

Subjects

Attack-Defense Trees, [SCCO.COMP] Cognitive science/Computer science, Security Assessments, CTMCs, Stochastic Petri-nets, Attack-trees, Graphical Security Models

Abstract

Losses caused by cyber-attacks are considerably increasing each year. The need for an optimal securityassessment methodology that combines mathematical foundations with practical and user-friendly representationshas become imperatively crucial. In this paper, we propose a stochastic security assessmentmethodology that adopts attack-defense trees model to represent security scenarios, and stochastic modelsto perform both qualitative and quantitative assessment. We illustrate our approach with a simple butrealistic example study.

Published

2017