Generating attack pattern automatically based on attack tree is studied. The extending definition of attack tree is proposed. And the algorithm of generating attack tree is presented. The method of generating attack p...Generating attack pattern automatically based on attack tree is studied. The extending definition of attack tree is proposed. And the algorithm of generating attack tree is presented. The method of generating attack pattern automatically based on attack tree is shown, which is tested by concrete attack instances. The results show that the algorithm is effective and efficient. In doing so, the efficiency of generating attack pattern is improved and the attack trees can be reused.展开更多
This paper presents a novel probability generation algorithm to predict attacks from an insider who exploits known system vulnerabilities through executing authorized operations. It is different from most intrusion de...This paper presents a novel probability generation algorithm to predict attacks from an insider who exploits known system vulnerabilities through executing authorized operations. It is different from most intrusion detection systems (IDSs) because these IDSs are inefficient to resolve threat from authorized insiders. To deter cracker activities, this paper introduces an improved structure of augmented attack tree and a notion of "minimal attack tree", and proposes a new generation algorithm of minimal attack tree. We can provide a quantitative approach to help system administrators make sound decision.展开更多
With the skyrocketing development of technologies,there are many issues in information security quantitative evaluation(ISQE)of complex heterogeneous information systems(CHISs).The development of CHIS calls for an ISQ...With the skyrocketing development of technologies,there are many issues in information security quantitative evaluation(ISQE)of complex heterogeneous information systems(CHISs).The development of CHIS calls for an ISQE model based on security-critical components to improve the efficiency of system security evaluation urgently.In this paper,we summarize the implication of critical components in different filed and propose a recognition algorithm of security-critical components based on threat attack tree to support the ISQE process.The evaluation model establishes a framework for ISQE of CHISs that are updated iteratively.Firstly,with the support of asset identification and topology data,we sort the security importance of each asset based on the threat attack tree and obtain the security-critical components(set)of the CHIS.Then,we build the evaluation indicator tree of the evaluation target and propose an ISQE algorithm based on the coefficient of variation to calculate the security quality value of the CHIS.Moreover,we present a novel indicator measurement uncertainty aiming to better supervise the performance of the proposed model.Simulation results show the advantages of the proposed algorithm in the evaluation of CHISs.展开更多
The increasingly intelligent and connected vehicles have brought many unprecedented automotive cybersecurity threats,which may cause privacy breaches,personal injuries,and even national security issues.Before providin...The increasingly intelligent and connected vehicles have brought many unprecedented automotive cybersecurity threats,which may cause privacy breaches,personal injuries,and even national security issues.Before providing effective security solutions,a comprehensive risk assessment of the automotive cybersecurity must be carried out.A systematic cybersecurity risk assessment framework for automobiles is proposed in this study.It consists of an assessment process and systematic assessment methods considering the changes of threat environment,evaluation target,and available information in vehicle lifecycle.In the process of risk identification and risk analysis,the impact level and attack feasibility level are assessed based on the STRIDE model and attack tree method.An automotive cybersecurity risk matrix using a global rating algorithm is then constructed to create a quantitative risk metric.Finally,the applicability and feasibility of the proposed risk assessment framework are demonstrated through a use case,and the results prove that the proposed framework is effective.The proposed assessment framework helps to systematically derive automotive cybersecurity requirements.展开更多
文摘Generating attack pattern automatically based on attack tree is studied. The extending definition of attack tree is proposed. And the algorithm of generating attack tree is presented. The method of generating attack pattern automatically based on attack tree is shown, which is tested by concrete attack instances. The results show that the algorithm is effective and efficient. In doing so, the efficiency of generating attack pattern is improved and the attack trees can be reused.
基金Supported by the National Key Technologies Re-search and Development Programof China (2004BA907A20)
文摘This paper presents a novel probability generation algorithm to predict attacks from an insider who exploits known system vulnerabilities through executing authorized operations. It is different from most intrusion detection systems (IDSs) because these IDSs are inefficient to resolve threat from authorized insiders. To deter cracker activities, this paper introduces an improved structure of augmented attack tree and a notion of "minimal attack tree", and proposes a new generation algorithm of minimal attack tree. We can provide a quantitative approach to help system administrators make sound decision.
基金supported in part by the National Key R&D Program of China under Grant 2019YFB2102400,2016YFF0204001in part by the BUPT Excellent Ph.D.Students Foundation under Grant CX2019117.
文摘With the skyrocketing development of technologies,there are many issues in information security quantitative evaluation(ISQE)of complex heterogeneous information systems(CHISs).The development of CHIS calls for an ISQE model based on security-critical components to improve the efficiency of system security evaluation urgently.In this paper,we summarize the implication of critical components in different filed and propose a recognition algorithm of security-critical components based on threat attack tree to support the ISQE process.The evaluation model establishes a framework for ISQE of CHISs that are updated iteratively.Firstly,with the support of asset identification and topology data,we sort the security importance of each asset based on the threat attack tree and obtain the security-critical components(set)of the CHIS.Then,we build the evaluation indicator tree of the evaluation target and propose an ISQE algorithm based on the coefficient of variation to calculate the security quality value of the CHIS.Moreover,we present a novel indicator measurement uncertainty aiming to better supervise the performance of the proposed model.Simulation results show the advantages of the proposed algorithm in the evaluation of CHISs.
基金This work was supported by the National Key Research and Development Program of China(Grant 2018YFB1600703).
文摘The increasingly intelligent and connected vehicles have brought many unprecedented automotive cybersecurity threats,which may cause privacy breaches,personal injuries,and even national security issues.Before providing effective security solutions,a comprehensive risk assessment of the automotive cybersecurity must be carried out.A systematic cybersecurity risk assessment framework for automobiles is proposed in this study.It consists of an assessment process and systematic assessment methods considering the changes of threat environment,evaluation target,and available information in vehicle lifecycle.In the process of risk identification and risk analysis,the impact level and attack feasibility level are assessed based on the STRIDE model and attack tree method.An automotive cybersecurity risk matrix using a global rating algorithm is then constructed to create a quantitative risk metric.Finally,the applicability and feasibility of the proposed risk assessment framework are demonstrated through a use case,and the results prove that the proposed framework is effective.The proposed assessment framework helps to systematically derive automotive cybersecurity requirements.