Attack Defense Trees with Sequential Conjunction

Research output: Chapter in Book/Report/Conference proceedingConference proceeding

37 Downloads (Pure)

Abstract

Attack defense trees are used to show the interaction between potential attacks on a system and the system defenses. In this paper we present a formal semantic model for attack defense trees with sequential composition, allowing for the description of attacks that are performed as a sequence of steps. The main contributions of our work are a formal representation of attack defense trees with sequential conjunction, a demonstration that this representation is equivalent to a process-algebraic one, and an algorithm for identifying the existence of attacks. We illustrate with an attack on over the air updates.
Original languageEnglish
Title of host publicationProceedings - 19th IEEE International Symposium on High Assurance Systems Engineering, HASE 2019
EditorsCongfeng Jiang, Vu Nguyen, Dongjin Yu
PublisherIEEE
Pages247-252
Number of pages6
Volume2019-January
ISBN (Electronic)978-1-5386-8540-2
ISBN (Print)978-1-5386-8541-9
DOIs
Publication statusPublished - 25 Mar 2019
EventWorkshop on Security issues in Cyber-Physical System(SecCPS), In conjunction with IEEE HASE - Hangzhou, China
Duration: 3 Jan 20195 Jan 2019

Publication series

NameProceedings / IEEE International Symposium on High-Assurance Systems Engineering. IEEE International Symposium on High-Assurance Systems Engineering
PublisherIEEE
ISSN (Print)1530-2059
ISSN (Electronic)2640-7507

Conference

ConferenceWorkshop on Security issues in Cyber-Physical System(SecCPS), In conjunction with IEEE HASE
Abbreviated titleHASE 2019
CountryChina
City Hangzhou
Period3/01/195/01/19

Fingerprint

Demonstrations
Semantics
Air
Chemical analysis

Bibliographical note

© 2019 IEEE. Personal use of this material is permitted. Permission from IEEE must
be obtained for all other uses, in any current or future media, including
reprinting/republishing this material for advertising or promotional purposes,
creating new collective works, for resale or redistribution to servers or lists, or
reuse of any copyrighted component of this work in other works.

Keywords

  • Semantics
  • Syntactics
  • Security
  • Industries
  • Automotive engineering
  • ISO Standards
  • Algebra
  • Attack defense trees
  • Cyber security
  • Formal semantics

ASJC Scopus subject areas

  • Software
  • Safety, Risk, Reliability and Quality

Cite this

Nguyen, H. N., Bryans, J., & Shaikh, S. (2019). Attack Defense Trees with Sequential Conjunction. In C. Jiang, V. Nguyen, & D. Yu (Eds.), Proceedings - 19th IEEE International Symposium on High Assurance Systems Engineering, HASE 2019 (Vol. 2019-January, pp. 247-252). (Proceedings / IEEE International Symposium on High-Assurance Systems Engineering. IEEE International Symposium on High-Assurance Systems Engineering). IEEE. https://doi.org/10.1109/HASE.2019.00045

Attack Defense Trees with Sequential Conjunction. / Nguyen, Hoang Nga; Bryans, Jeremy; Shaikh, Siraj.

Proceedings - 19th IEEE International Symposium on High Assurance Systems Engineering, HASE 2019. ed. / Congfeng Jiang; Vu Nguyen; Dongjin Yu. Vol. 2019-January IEEE, 2019. p. 247-252 (Proceedings / IEEE International Symposium on High-Assurance Systems Engineering. IEEE International Symposium on High-Assurance Systems Engineering).

Research output: Chapter in Book/Report/Conference proceedingConference proceeding

Nguyen, HN, Bryans, J & Shaikh, S 2019, Attack Defense Trees with Sequential Conjunction. in C Jiang, V Nguyen & D Yu (eds), Proceedings - 19th IEEE International Symposium on High Assurance Systems Engineering, HASE 2019. vol. 2019-January, Proceedings / IEEE International Symposium on High-Assurance Systems Engineering. IEEE International Symposium on High-Assurance Systems Engineering, IEEE, pp. 247-252, Workshop on Security issues in Cyber-Physical System(SecCPS), In conjunction with IEEE HASE, Hangzhou, China, 3/01/19. https://doi.org/10.1109/HASE.2019.00045
Nguyen HN, Bryans J, Shaikh S. Attack Defense Trees with Sequential Conjunction. In Jiang C, Nguyen V, Yu D, editors, Proceedings - 19th IEEE International Symposium on High Assurance Systems Engineering, HASE 2019. Vol. 2019-January. IEEE. 2019. p. 247-252. (Proceedings / IEEE International Symposium on High-Assurance Systems Engineering. IEEE International Symposium on High-Assurance Systems Engineering). https://doi.org/10.1109/HASE.2019.00045
Nguyen, Hoang Nga ; Bryans, Jeremy ; Shaikh, Siraj. / Attack Defense Trees with Sequential Conjunction. Proceedings - 19th IEEE International Symposium on High Assurance Systems Engineering, HASE 2019. editor / Congfeng Jiang ; Vu Nguyen ; Dongjin Yu. Vol. 2019-January IEEE, 2019. pp. 247-252 (Proceedings / IEEE International Symposium on High-Assurance Systems Engineering. IEEE International Symposium on High-Assurance Systems Engineering).
@inproceedings{5eb38d2b29f64e7ca05f7b0eb15fcac4,
title = "Attack Defense Trees with Sequential Conjunction",
abstract = "Attack defense trees are used to show the interaction between potential attacks on a system and the system defenses. In this paper we present a formal semantic model for attack defense trees with sequential composition, allowing for the description of attacks that are performed as a sequence of steps. The main contributions of our work are a formal representation of attack defense trees with sequential conjunction, a demonstration that this representation is equivalent to a process-algebraic one, and an algorithm for identifying the existence of attacks. We illustrate with an attack on over the air updates.",
keywords = "Semantics, Syntactics, Security, Industries, Automotive engineering, ISO Standards, Algebra, Attack defense trees, Cyber security, Formal semantics",
author = "Nguyen, {Hoang Nga} and Jeremy Bryans and Siraj Shaikh",
note = "{\circledC} 2019 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.",
year = "2019",
month = "3",
day = "25",
doi = "10.1109/HASE.2019.00045",
language = "English",
isbn = "978-1-5386-8541-9",
volume = "2019-January",
series = "Proceedings / IEEE International Symposium on High-Assurance Systems Engineering. IEEE International Symposium on High-Assurance Systems Engineering",
publisher = "IEEE",
pages = "247--252",
editor = "Congfeng Jiang and Vu Nguyen and Dongjin Yu",
booktitle = "Proceedings - 19th IEEE International Symposium on High Assurance Systems Engineering, HASE 2019",

}

TY - GEN

T1 - Attack Defense Trees with Sequential Conjunction

AU - Nguyen, Hoang Nga

AU - Bryans, Jeremy

AU - Shaikh, Siraj

N1 - © 2019 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

PY - 2019/3/25

Y1 - 2019/3/25

N2 - Attack defense trees are used to show the interaction between potential attacks on a system and the system defenses. In this paper we present a formal semantic model for attack defense trees with sequential composition, allowing for the description of attacks that are performed as a sequence of steps. The main contributions of our work are a formal representation of attack defense trees with sequential conjunction, a demonstration that this representation is equivalent to a process-algebraic one, and an algorithm for identifying the existence of attacks. We illustrate with an attack on over the air updates.

AB - Attack defense trees are used to show the interaction between potential attacks on a system and the system defenses. In this paper we present a formal semantic model for attack defense trees with sequential composition, allowing for the description of attacks that are performed as a sequence of steps. The main contributions of our work are a formal representation of attack defense trees with sequential conjunction, a demonstration that this representation is equivalent to a process-algebraic one, and an algorithm for identifying the existence of attacks. We illustrate with an attack on over the air updates.

KW - Semantics

KW - Syntactics

KW - Security

KW - Industries

KW - Automotive engineering

KW - ISO Standards

KW - Algebra

KW - Attack defense trees

KW - Cyber security

KW - Formal semantics

UR - http://www.scopus.com/inward/record.url?scp=85063983795&partnerID=8YFLogxK

U2 - 10.1109/HASE.2019.00045

DO - 10.1109/HASE.2019.00045

M3 - Conference proceeding

SN - 978-1-5386-8541-9

VL - 2019-January

T3 - Proceedings / IEEE International Symposium on High-Assurance Systems Engineering. IEEE International Symposium on High-Assurance Systems Engineering

SP - 247

EP - 252

BT - Proceedings - 19th IEEE International Symposium on High Assurance Systems Engineering, HASE 2019

A2 - Jiang, Congfeng

A2 - Nguyen, Vu

A2 - Yu, Dongjin

PB - IEEE

ER -