Attack Modeling for Information Security and Survivability
Presented by Chad Frommeyer
Introduction
• Introduction
• Attack Trees
• Attack Pattern Reuse
• Attack Tree Refinement
• Conclusions
Introduction
• Problem
  – Attack data not used for improving design and implementation
  – Engineers still not learning from the past
  – Need a better way to utilize past attack data
• Solution (Attack Trees/Patterns)
• ACME Enterprise
Attack Trees
• Definition
  – A systematic method to characterize system security based on varying attacks
Attack Trees (Structure/Semantics)
• Root Node
• Tree Nodes
  – Attack Sub-Goals
    • AND-Decomposition requires all to succeed
    • OR-Decomposition requires one to succeed
AND Decomposition
OR Decomposition
Attack Trees
• Intrusion Scenarios
  – Scenarios that result in achieving the primary goal
  – Generated by traversing the tree in a depth-first manner
  – Intermediate nodes do not appear
• Branch Refinement
• ACME Attack Tree
Attack Trees
• ACME intrusion scenarios
• <1.1>, <1.2>, <2.1, 2.2, 2.3, 2.4>
• <3.1>, <3.2>
• <4.1>, <4.2>, <5.1>, <5.2>, <5.3>
• <6.1>, <6.2>
Attack Trees
• Refinement of ACME node 5.3
Attack Trees
• ACME intrusion scenarios (Refined)
• <1, 2.1, 3.1, 4.1, 5.1>, <1, 2.2, 3.1, 4.1, 5.1>
• <1, 2.3, 3.1, 4.1, 5.1>, <1, 2.1, 3.2, 4.1, 5.1>
• <1, 2.2, 3.2, 4.1, 5.1>, <1, 2.3, 3.2, 4.1, 5.1>
• <1, 2.1, 3.1, 4.2, 5.1>, <1, 2.2, 3.1, 4.2, 5.1>
• <1, 2.3, 3.1, 4.2, 5.1>, <1, 2.1, 3.2, 4.2, 5.1>
• <1, 2.2, 3.2, 4.2, 5.1>, <1, 2.3, 3.2, 4.2, 5.1>
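Added example (not part of the original presentation): a small AND/OR attack-tree evaluator that enumerates intrusion scenarios depth-first, as the Intrusion Scenarios slide describes, and reproduces both scenario lists above. The tree figures are not in this transcript, so the two tree shapes are assumptions inferred from the scenario lists, and the helper names (group, surviving) are hypothetical.

```python
from itertools import product

# Tree nodes: ("LEAF", label), ("AND", [children]) or ("OR", [children]).
def leaf(label):
    return ("LEAF", label)

def AND(*children):
    return ("AND", list(children))

def OR(*children):
    return ("OR", list(children))

def scenarios(node):
    """Depth-first enumeration; each scenario is a tuple of leaf labels."""
    kind, body = node
    if kind == "LEAF":
        return [(body,)]
    per_child = [scenarios(child) for child in body]
    if kind == "OR":
        # One successful child is enough: every child scenario stands alone.
        return [s for child in per_child for s in child]
    # AND: all children must succeed, so pick one scenario per child and join.
    return [sum(combo, ()) for combo in product(*per_child)]

def surviving(scenario_list, mitigated):
    """Scenarios still open once every leaf in `mitigated` is countered."""
    return [s for s in scenario_list if not set(s) & set(mitigated)]

def group(prefix, n, op):
    """Hypothetical helper: op over leaves prefix.1 .. prefix.n."""
    return op(*[leaf(f"{prefix}.{i}") for i in range(1, n + 1)])

# Constructed from the first scenario list: OR root, sub-goal 2 is an AND.
ACME = OR(group(1, 2, OR), group(2, 4, AND), group(3, 2, OR),
          group(4, 2, OR), group(5, 3, OR), group(6, 2, OR))

# Constructed from the refined list: AND root over three OR choices.
REFINED = AND(leaf("1"), group(2, 3, OR), group(3, 2, OR),
              group(4, 2, OR), leaf("5.1"))

if __name__ == "__main__":
    for name, tree in (("ACME", ACME), ("refined 5.3", REFINED)):
        found = scenarios(tree)
        print(name, len(found), "scenarios")
        for s in found:
            print("  <" + ", ".join(s) + ">")
    print("open after countering 2.1:", len(surviving(scenarios(REFINED), {"2.1"})))
```

Countering one alternative under an OR node (2.1) still leaves 8 of the 12 refined scenarios open, while countering a step every scenario shares under the AND root (1 or 5.1) closes all of them.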
Attack Pattern Reuse
• Definition
• Components of an Attack Pattern
• Pertain to Software and Hardware
• Attack Profiles
Attack Pattern Reuse
• Components of an Attack Pattern
  – Overall Goal
  – Preconditions/Assumptions
  – Attack Steps
  – Post-conditions (true if attack is successful)
Buffer Overflow Attack
Unexpected Operator Attack
Attack Pattern Reuse
• Components of an Attack Profile
  – Common Reference Model
  – Set of Variants
  – Set of Attack Patterns
  – Glossary of terms and phrases
Attack Reference Model
Attack Tree Refinement
• Refinement Process
• Require security expertise
• Attack pattern libraries
Attack Tree Refinement
• Profile/Enterprise Consistency
• Definition: “Consistency”
• Attack Pattern Relevance
• ACME Example
  – Org = ACME
  – Intranet = ACME Internet
  – Firewall = ACME Firewall
Attack Tree Refinement
• Resulting Reference Model
Attack Tree Refinement
• Pattern Application
  – Show relevance to the attack tree goal (relevance)
  – Applying Attack Patterns
Conclusions
• Objective
• Documentation via Attack Trees/Profiles
• Documentation Reuse
• Questions still to answer
• Continued Research