A Method for Assigning Probability Distributions in Attack Simulation Languages
Cyber attacks on IT and OT systems can have severe consequences for individuals and organizations, from water or energy distribution systems to online banking services. To respond to these threats, attack simulations can be used to assess the cyber security of systems to foster a higher degree of re...
Main Authors: | , , |
---|---|
Format: | Article |
Language: | English |
Published: |
Riga Technical University
2021-04-01
|
Series: | Complex Systems Informatics and Modeling Quarterly |
Subjects: | |
Online Access: | https://csimq-journals.rtu.lv/article/view/4729 |
id |
doaj-ab52dafc67fd460aa9f349883312dc49 |
---|---|
record_format |
Article |
spelling |
doaj-ab52dafc67fd460aa9f349883312dc492021-05-07T12:53:58ZengRiga Technical UniversityComplex Systems Informatics and Modeling Quarterly2255-99222021-04-01026557710.7250/csimq.2021-26.042514A Method for Assigning Probability Distributions in Attack Simulation LanguagesWenjun Xiong0Simon Hacks1Robert Lagerström2School of Electrical Engineering and Computer Science, KTH Royal Institute of Technology, Brinellvägen 8, 114 28 StockholmSchool of Electrical Engineering and Computer Science, KTH Royal Institute of Technology, Brinellvägen 8, 114 28 StockholmSchool of Electrical Engineering and Computer Science, KTH Royal Institute of Technology, Brinellvägen 8, 114 28 StockholmCyber attacks on IT and OT systems can have severe consequences for individuals and organizations, from water or energy distribution systems to online banking services. To respond to these threats, attack simulations can be used to assess the cyber security of systems to foster a higher degree of resilience against cyber attacks; the steps taken by an attacker to compromise sensitive system assets can be traced, and a time estimate can be computed from the initial step to the compromise of assets of interest. Previously, the Meta Attack Language (MAL) was introduced as a framework to develop security-oriented domain-specific languages. It allows attack simulations on modeled systems and analyzes weaknesses related to known attacks. To produce more realistic simulation results, probability distributions can be assigned to attack steps and defenses to describe the efforts required for attackers to exploit certain attack steps. However, research on assessing such probability distributions is scarce, and we often rely on security experts to model attackers’ efforts. To address this gap, we propose a method to assign probability distributions to the attack steps and defenses of MAL-based languages. We demonstrate the proposed method by assigning probability distributions to a MAL-based language. Finally, the resulting language is evaluated by modeling and simulating a known cyber attack.https://csimq-journals.rtu.lv/article/view/4729attack simulationsthreat modelingdomain-specific languagecyber securityinformation collection |
collection |
DOAJ |
language |
English |
format |
Article |
sources |
DOAJ |
author |
Wenjun Xiong Simon Hacks Robert Lagerström |
spellingShingle |
Wenjun Xiong Simon Hacks Robert Lagerström A Method for Assigning Probability Distributions in Attack Simulation Languages Complex Systems Informatics and Modeling Quarterly attack simulations threat modeling domain-specific language cyber security information collection |
author_facet |
Wenjun Xiong Simon Hacks Robert Lagerström |
author_sort |
Wenjun Xiong |
title |
A Method for Assigning Probability Distributions in Attack Simulation Languages |
title_short |
A Method for Assigning Probability Distributions in Attack Simulation Languages |
title_full |
A Method for Assigning Probability Distributions in Attack Simulation Languages |
title_fullStr |
A Method for Assigning Probability Distributions in Attack Simulation Languages |
title_full_unstemmed |
A Method for Assigning Probability Distributions in Attack Simulation Languages |
title_sort |
method for assigning probability distributions in attack simulation languages |
publisher |
Riga Technical University |
series |
Complex Systems Informatics and Modeling Quarterly |
issn |
2255-9922 |
publishDate |
2021-04-01 |
description |
Cyber attacks on IT and OT systems can have severe consequences for individuals and organizations, from water or energy distribution systems to online banking services. To respond to these threats, attack simulations can be used to assess the cyber security of systems to foster a higher degree of resilience against cyber attacks; the steps taken by an attacker to compromise sensitive system assets can be traced, and a time estimate can be computed from the initial step to the compromise of assets of interest.
Previously, the Meta Attack Language (MAL) was introduced as a framework to develop security-oriented domain-specific languages. It allows attack simulations on modeled systems and analyzes weaknesses related to known attacks. To produce more realistic simulation results, probability distributions can be assigned to attack steps and defenses to describe the efforts required for attackers to exploit certain attack steps. However, research on assessing such probability distributions is scarce, and we often rely on security experts to model attackers’ efforts. To address this gap, we propose a method to assign probability distributions to the attack steps and defenses of MAL-based languages. We demonstrate the proposed method by assigning probability distributions to a MAL-based language. Finally, the resulting language is evaluated by modeling and simulating a known cyber attack. |
topic |
attack simulations threat modeling domain-specific language cyber security information collection |
url |
https://csimq-journals.rtu.lv/article/view/4729 |
work_keys_str_mv |
AT wenjunxiong amethodforassigningprobabilitydistributionsinattacksimulationlanguages AT simonhacks amethodforassigningprobabilitydistributionsinattacksimulationlanguages AT robertlagerstrom amethodforassigningprobabilitydistributionsinattacksimulationlanguages AT wenjunxiong methodforassigningprobabilitydistributionsinattacksimulationlanguages AT simonhacks methodforassigningprobabilitydistributionsinattacksimulationlanguages AT robertlagerstrom methodforassigningprobabilitydistributionsinattacksimulationlanguages |
_version_ |
1721455501931184128 |