{"title":"动态攻击树方法","authors":"Aliyu Tanko Ali, Damas P. Gruska","doi":"10.1109/irtm54583.2022.9791783","DOIUrl":null,"url":null,"abstract":"Cyber-Physical Systems (CPS) are special kinds of systems with seamless integration of different entities. They are deployed mostly in safety-critical sectors, which make them a target for a wide range of attacks. Identifying potential threats to these kinds of systems is crucial and difficult as they consist of many modules, different producers, different technologies like programming, machine learning, and sometimes different manufactures. In this paper, we proposed a way of model potential ways in which attackers may compromise such systems using attack trees. We define a set of threat environments (i.e., changes in the vulnerability landscape of the system overtime) with each consisting of different sets of vulnerabilities, and use an attack tree generation algorithm to produce a tree at each threat environment. We further apply an information flow property - the opacity, to check a special kind of attacker who can observe the systems' non-secret states.","PeriodicalId":426354,"journal":{"name":"2022 Interdisciplinary Research in Technology and Management (IRTM)","volume":"5 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-02-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Dynamic Attack Trees Methodology\",\"authors\":\"Aliyu Tanko Ali, Damas P. Gruska\",\"doi\":\"10.1109/irtm54583.2022.9791783\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cyber-Physical Systems (CPS) are special kinds of systems with seamless integration of different entities. They are deployed mostly in safety-critical sectors, which make them a target for a wide range of attacks. Identifying potential threats to these kinds of systems is crucial and difficult as they consist of many modules, different producers, different technologies like programming, machine learning, and sometimes different manufactures. In this paper, we proposed a way of model potential ways in which attackers may compromise such systems using attack trees. We define a set of threat environments (i.e., changes in the vulnerability landscape of the system overtime) with each consisting of different sets of vulnerabilities, and use an attack tree generation algorithm to produce a tree at each threat environment. We further apply an information flow property - the opacity, to check a special kind of attacker who can observe the systems' non-secret states.\",\"PeriodicalId\":426354,\"journal\":{\"name\":\"2022 Interdisciplinary Research in Technology and Management (IRTM)\",\"volume\":\"5 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-02-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 Interdisciplinary Research in Technology and Management (IRTM)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/irtm54583.2022.9791783\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 Interdisciplinary Research in Technology and Management (IRTM)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/irtm54583.2022.9791783","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Cyber-Physical Systems (CPS) are special kinds of systems with seamless integration of different entities. They are deployed mostly in safety-critical sectors, which make them a target for a wide range of attacks. Identifying potential threats to these kinds of systems is crucial and difficult as they consist of many modules, different producers, different technologies like programming, machine learning, and sometimes different manufactures. In this paper, we proposed a way of model potential ways in which attackers may compromise such systems using attack trees. We define a set of threat environments (i.e., changes in the vulnerability landscape of the system overtime) with each consisting of different sets of vulnerabilities, and use an attack tree generation algorithm to produce a tree at each threat environment. We further apply an information flow property - the opacity, to check a special kind of attacker who can observe the systems' non-secret states.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
