Attack Defense Trees with Sequential Conjunction

Hoang Nga Nguyen; Jeremy Bryans; Siraj Shaikh

doi:10.1109/HASE.2019.00045

Attack Defense Trees with Sequential Conjunction

Hoang Nga Nguyen, Jeremy Bryans, Siraj Shaikh

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding › peer-review

6 Citations (Scopus)

278 Downloads (Pure)

Abstract

Attack defense trees are used to show the interaction between potential attacks on a system and the system defenses. In this paper we present a formal semantic model for attack defense trees with sequential composition, allowing for the description of attacks that are performed as a sequence of steps. The main contributions of our work are a formal representation of attack defense trees with sequential conjunction, a demonstration that this representation is equivalent to a process-algebraic one, and an algorithm for identifying the existence of attacks. We illustrate with an attack on over the air updates.

Original language	English
Title of host publication	Proceedings - 19th IEEE International Symposium on High Assurance Systems Engineering, HASE 2019
Editors	Congfeng Jiang, Vu Nguyen, Dongjin Yu
Publisher	IEEE
Pages	247-252
Number of pages	6
Volume	2019-January
ISBN (Electronic)	978-1-5386-8540-2
ISBN (Print)	978-1-5386-8541-9
DOIs	https://doi.org/10.1109/HASE.2019.00045
Publication status	Published - 25 Mar 2019
Event	Workshop on Security issues in Cyber-Physical System(SecCPS), In conjunction with IEEE HASE - Hangzhou, China Duration: 3 Jan 2019 → 5 Jan 2019

Publication series

Name	Proceedings / IEEE International Symposium on High-Assurance Systems Engineering. IEEE International Symposium on High-Assurance Systems Engineering
Publisher	IEEE
ISSN (Print)	1530-2059
ISSN (Electronic)	2640-7507

Conference

Conference	Workshop on Security issues in Cyber-Physical System(SecCPS), In conjunction with IEEE HASE
Abbreviated title	HASE 2019
Country/Territory	China
City	Hangzhou
Period	3/01/19 → 5/01/19

Bibliographical note

© 2019 IEEE. Personal use of this material is permitted. Permission from IEEE must
be obtained for all other uses, in any current or future media, including
reprinting/republishing this material for advertising or promotional purposes,
creating new collective works, for resale or redistribution to servers or lists, or
reuse of any copyrighted component of this work in other works.

Keywords

Semantics
Syntactics
Security
Industries
Automotive engineering
ISO Standards
Algebra
Attack defense trees
Cyber security
Formal semantics

ASJC Scopus subject areas

Software
Safety, Risk, Reliability and Quality

Access to Document

10.1109/HASE.2019.00045

Post-PrintAccepted author manuscript, 655 KB

Cite this

Nguyen, H. N., Bryans, J., & Shaikh, S. (2019). Attack Defense Trees with Sequential Conjunction. In C. Jiang, V. Nguyen, & D. Yu (Eds.), Proceedings - 19th IEEE International Symposium on High Assurance Systems Engineering, HASE 2019 (Vol. 2019-January, pp. 247-252). (Proceedings / IEEE International Symposium on High-Assurance Systems Engineering. IEEE International Symposium on High-Assurance Systems Engineering). IEEE. https://doi.org/10.1109/HASE.2019.00045

Attack Defense Trees with Sequential Conjunction. / Nguyen, Hoang Nga; Bryans, Jeremy; Shaikh, Siraj.
Proceedings - 19th IEEE International Symposium on High Assurance Systems Engineering, HASE 2019. ed. / Congfeng Jiang; Vu Nguyen; Dongjin Yu. Vol. 2019-January IEEE, 2019. p. 247-252 (Proceedings / IEEE International Symposium on High-Assurance Systems Engineering. IEEE International Symposium on High-Assurance Systems Engineering).

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding › peer-review

Nguyen, HN, Bryans, J & Shaikh, S 2019, Attack Defense Trees with Sequential Conjunction. in C Jiang, V Nguyen & D Yu (eds), Proceedings - 19th IEEE International Symposium on High Assurance Systems Engineering, HASE 2019. vol. 2019-January, Proceedings / IEEE International Symposium on High-Assurance Systems Engineering. IEEE International Symposium on High-Assurance Systems Engineering, IEEE, pp. 247-252, Workshop on Security issues in Cyber-Physical System(SecCPS), In conjunction with IEEE HASE, Hangzhou, China, 3/01/19. https://doi.org/10.1109/HASE.2019.00045

Nguyen HN, Bryans J, Shaikh S. Attack Defense Trees with Sequential Conjunction. In Jiang C, Nguyen V, Yu D, editors, Proceedings - 19th IEEE International Symposium on High Assurance Systems Engineering, HASE 2019. Vol. 2019-January. IEEE. 2019. p. 247-252. (Proceedings / IEEE International Symposium on High-Assurance Systems Engineering. IEEE International Symposium on High-Assurance Systems Engineering). doi: 10.1109/HASE.2019.00045

Nguyen, Hoang Nga ; Bryans, Jeremy ; Shaikh, Siraj. / Attack Defense Trees with Sequential Conjunction. Proceedings - 19th IEEE International Symposium on High Assurance Systems Engineering, HASE 2019. editor / Congfeng Jiang ; Vu Nguyen ; Dongjin Yu. Vol. 2019-January IEEE, 2019. pp. 247-252 (Proceedings / IEEE International Symposium on High-Assurance Systems Engineering. IEEE International Symposium on High-Assurance Systems Engineering).

@inproceedings{5eb38d2b29f64e7ca05f7b0eb15fcac4,

title = "Attack Defense Trees with Sequential Conjunction",

abstract = "Attack defense trees are used to show the interaction between potential attacks on a system and the system defenses. In this paper we present a formal semantic model for attack defense trees with sequential composition, allowing for the description of attacks that are performed as a sequence of steps. The main contributions of our work are a formal representation of attack defense trees with sequential conjunction, a demonstration that this representation is equivalent to a process-algebraic one, and an algorithm for identifying the existence of attacks. We illustrate with an attack on over the air updates.",

keywords = "Semantics, Syntactics, Security, Industries, Automotive engineering, ISO Standards, Algebra, Attack defense trees, Cyber security, Formal semantics",

author = "Nguyen, {Hoang Nga} and Jeremy Bryans and Siraj Shaikh",

note = "{\textcopyright} 2019 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.; Workshop on Security issues in Cyber-Physical System(SecCPS), In conjunction with IEEE HASE, HASE 2019 ; Conference date: 03-01-2019 Through 05-01-2019",

year = "2019",

month = mar,

day = "25",

doi = "10.1109/HASE.2019.00045",

language = "English",

isbn = "978-1-5386-8541-9",

volume = "2019-January",

series = "Proceedings / IEEE International Symposium on High-Assurance Systems Engineering. IEEE International Symposium on High-Assurance Systems Engineering",

publisher = "IEEE",

pages = "247--252",

editor = "Congfeng Jiang and Vu Nguyen and Dongjin Yu",

booktitle = "Proceedings - 19th IEEE International Symposium on High Assurance Systems Engineering, HASE 2019",

address = "United States",

}

TY - GEN

T1 - Attack Defense Trees with Sequential Conjunction

AU - Nguyen, Hoang Nga

AU - Bryans, Jeremy

AU - Shaikh, Siraj

N1 - © 2019 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

PY - 2019/3/25

Y1 - 2019/3/25

N2 - Attack defense trees are used to show the interaction between potential attacks on a system and the system defenses. In this paper we present a formal semantic model for attack defense trees with sequential composition, allowing for the description of attacks that are performed as a sequence of steps. The main contributions of our work are a formal representation of attack defense trees with sequential conjunction, a demonstration that this representation is equivalent to a process-algebraic one, and an algorithm for identifying the existence of attacks. We illustrate with an attack on over the air updates.

AB - Attack defense trees are used to show the interaction between potential attacks on a system and the system defenses. In this paper we present a formal semantic model for attack defense trees with sequential composition, allowing for the description of attacks that are performed as a sequence of steps. The main contributions of our work are a formal representation of attack defense trees with sequential conjunction, a demonstration that this representation is equivalent to a process-algebraic one, and an algorithm for identifying the existence of attacks. We illustrate with an attack on over the air updates.

KW - Semantics

KW - Syntactics

KW - Security

KW - Industries

KW - Automotive engineering

KW - ISO Standards

KW - Algebra

KW - Attack defense trees

KW - Cyber security

KW - Formal semantics

UR - http://www.scopus.com/inward/record.url?scp=85063983795&partnerID=8YFLogxK

U2 - 10.1109/HASE.2019.00045

DO - 10.1109/HASE.2019.00045

M3 - Conference proceeding

SN - 978-1-5386-8541-9

VL - 2019-January

T3 - Proceedings / IEEE International Symposium on High-Assurance Systems Engineering. IEEE International Symposium on High-Assurance Systems Engineering

SP - 247

EP - 252

BT - Proceedings - 19th IEEE International Symposium on High Assurance Systems Engineering, HASE 2019

A2 - Jiang, Congfeng

A2 - Nguyen, Vu

A2 - Yu, Dongjin

PB - IEEE

T2 - Workshop on Security issues in Cyber-Physical System(SecCPS), In conjunction with IEEE HASE

Y2 - 3 January 2019 through 5 January 2019

ER -

Attack Defense Trees with Sequential Conjunction

Abstract

Publication series

Conference

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Jeremy Bryans

Cite this

Attack Defense Trees with Sequential Conjunction

Abstract

Publication series

Conference

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Profiles

Jeremy Bryans

Cite this