Attack Modeling for Information Security and Survivability - PowerPoint PPT Presentation
1 / 36
Title:
Attack Modeling for Information Security and Survivability
Description:
Attack Modeling for Information Security and Survivability Presented By Chad Frommeyer Introduction Introduction Attack Trees Attack Pattern Reuse Attack Tree ... – PowerPoint PPT presentation
Number of Views:70
Avg rating:3.0/5.0
Title: Attack Modeling for Information Security and Survivability
1
Attack Modeling for Information Security and
Survivability
- Presented By
- Chad Frommeyer
2
Introduction
- Introduction
- Attack Trees
- Attack Pattern Reuse
- Attack Tree Refinement
- Conclusions
3
Introduction
- Problem
- Attack Data not used for improving Design and
Implementation - Engineers still not learning from the past
- Need a better way to utilize past attack data
- Solution (Attack Trees/Patterns)
- ACME Enterprise
4
(No Transcript)
5
Attack Trees
- Definition
- a systematic method to characterize system
security based on varying attacks
6
Attack Trees (Structure/Semantics)
- Root Node
- Tree Nodes
- Attack Sub-Goals
- AND-Decomposition requires all to succeed
- OR-Decomposition requires one to succeed
7
AND Decomposition
OR Decomposition
8
Attack Trees
- Intrusion Scenarios
- Scenarios that result in achieving the primary
goal - Generated by traversing the tree in a depth-first
manner - Intermediate nodes are not appear
- Branch Refinement
- ACME Attack Tree
9
(No Transcript)
10
(No Transcript)
11
Attack Trees
- ACME intrusion scenarios
- lt1.1gt , lt1.2gt , lt2.1, 2.2, 2.3, 2.4gt
- lt3.1gt , lt3.2gt
- lt4.1gt , lt4.2gt , lt5.1gt , lt5.2gt , lt5.3gt
- lt6.1gt , lt6.2gt
12
Attack Trees
- Refinement of ACME node 5.3
13
(No Transcript)
14
Attack Trees
- ACME intrusion scenarios (Refined)
- lt1, 2.1, 3.1, 4.1, 5.1gt , lt1, 2.2, 3.1, 4.1, 5.1gt
- lt1, 2.3, 3.1, 4.1, 5.1gt , lt1, 2.1, 3.2, 4.1, 5.1gt
- lt1, 2.2, 3.2, 4.1, 5.1gt , lt1, 2.3, 3.2, 4.1, 5.1gt
- lt1, 2.1, 3.1, 4.2, 5.1gt , lt1, 2.2, 3.1, 4.2, 5.1gt
- lt1, 2.3, 3.1, 4.2, 5.1gt , lt1, 2.1, 3.2, 4.2, 5.1gt
- lt1, 2.2, 3.2, 4.2, 5.1gt , lt1, 2.3, 3.2, 4.2, 5.1gt
15
Attack Pattern Reuse
- Definition
- Components of an Attack Pattern
- Pertain to Software and Hardware
- Attack Profiles
16
Attack Pattern Reuse
- Components of an Attack Pattern
- Overall Goal
- Preconditions/Assumptions
- Attack Steps
- Post-conditions (true if attack is successful)
17
(No Transcript)
18
Buffer Overflow Attack
19
(No Transcript)
20
Unexpected Operator Attack
21
(No Transcript)
22
(No Transcript)
23
Attack Pattern Reuse
- Components of an Attack Profile
- Common Reference Model
- Set of Variants
- Set of Attack Patterns
- Glossary of terms and phrases
24
Attack Reference Model
25
(No Transcript)
26
Attack Tree Refinement
- Refinement Process
- Require security expertise
- Attack pattern libraries
27
(No Transcript)
28
Attack Tree Refinement
- Profile/Enterprise Consistency
- Definition Consistency
- Attack Pattern Relevance
- ACME Example
- Org ACME
- Intranet ACME Internet
- Firewall ACME Firewall
29
Attack Tree Refinement
- Resulting Reference Model
30
Attack Tree Refinement
- Pattern Application
- Show relevance to the attack tree goal
(relevance) - Applying Attack Patterns
31
(No Transcript)
32
(No Transcript)
33
(No Transcript)
34
(No Transcript)
35
(No Transcript)
36
Conclusions
- Objective
- Documentation via Attack Trees/Profiles
- Documentation Reuse
- Questions still to answer
- Continued Research
