Modelling Social-Technical Attacks with Timed Automata

Nicolas  David; Alexandre David; Rene Rydhof Hansen; Kim G. Larsen; Axel Legay; Mads Christian Olesen; Christian W. Probst

doi:10.1145/2808783.2808787

Modelling Social-Technical Attacks with Timed Automata

Nicolas David, Alexandre David, Rene Rydhof Hansen, Kim G. Larsen, Axel Legay, Mads Christian Olesen, Christian W. Probst

Department of Applied Mathematics and Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

Abstract

Attacks on a system often exploit vulnerabilities that arise from human behaviour or other human activity. Attacks of this type, so-called socio-technical attacks, cover everything from social engineering to insider attacks, and they can have a devastating impact on an unprepared organisation. In this paper we develop an approach towards modelling socio-technical systems in general and socio-technical attacks in particular, using timed automata and illustrate its application by a complex case study. Thanks to automated model checking and automata theory, we can automatically generate possible attacks in our model and perform analysis and simulation of both model and attack, revealing details about the specific interaction between attacker and victim. Using timed automata also allows for intuitive modelling of systems, in which quantities like time and cost can be easily added and analysed.

Original language	English
Title of host publication	Proceedings of the 7th ACM CCS International Workshop on Managing Insider Security Threats (ACM MIST '15)
Publisher	Association for Computing Machinery
Publication date	2015
Pages	21-28
ISBN (Print)	978-1-4503-3824-0
DOIs	https://doi.org/10.1145/2808783.2808787
Publication status	Published - 2015
Event	7th ACM CCS International Workshop on Managing Insider Security Threats (MIST '15) - The Denver Marriot City Center, Denver, Colorado, United States Duration: 12 Oct 2015 → 16 Oct 2015 Conference number: 7 http://isyou.info/conf/mist15/

Workshop

Workshop	7th ACM CCS International Workshop on Managing Insider Security Threats (MIST '15)
Number	7
Location	The Denver Marriot City Center
Country	United States
City	Denver, Colorado
Period	12/10/2015 → 16/10/2015
Other	In Conjunction with the 22nd ACM Conference on Computer and Communications Security (ACM CCS 2015)
Internet address	http://isyou.info/conf/mist15/

Keywords

Insider threats
Timed automata
Attack trees
Attack generation

Access to Document

10.1145/2808783.2808787

Fingerprint Dive into the research topics of 'Modelling Social-Technical Attacks with Timed Automata'. Together they form a unique fingerprint.

Cite this

@inproceedings{7c40dcc857a24664b8b55bfc989fc3ce,

title = "Modelling Social-Technical Attacks with Timed Automata",

abstract = "Attacks on a system often exploit vulnerabilities that arise from human behaviour or other human activity. Attacks of this type, so-called socio-technical attacks, cover everything from social engineering to insider attacks, and they can have a devastating impact on an unprepared organisation. In this paper we develop an approach towards modelling socio-technical systems in general and socio-technical attacks in particular, using timed automata and illustrate its application by a complex case study. Thanks to automated model checking and automata theory, we can automatically generate possible attacks in our model and perform analysis and simulation of both model and attack, revealing details about the specific interaction between attacker and victim. Using timed automata also allows for intuitive modelling of systems, in which quantities like time and cost can be easily added and analysed.",

keywords = "Insider threats, Timed automata, Attack trees, Attack generation",

author = "Nicolas David and Alexandre David and Hansen, {Rene Rydhof} and Larsen, {Kim G.} and Axel Legay and Olesen, {Mads Christian} and Probst, {Christian W.}",

year = "2015",

doi = "10.1145/2808783.2808787",

language = "English",

isbn = "978-1-4503-3824-0",

pages = "21--28",

booktitle = "Proceedings of the 7th ACM CCS International Workshop on Managing Insider Security Threats (ACM MIST '15)",

publisher = "Association for Computing Machinery",

address = "United States",

note = "7th ACM CCS International Workshop on Managing Insider Security Threats (MIST '15), ACM MIST ; Conference date: 12-10-2015 Through 16-10-2015",

url = "http://isyou.info/conf/mist15/",

}

David, N, David, A, Hansen, RR, Larsen, KG, Legay, A, Olesen, MC & Probst, CW 2015, Modelling Social-Technical Attacks with Timed Automata. in Proceedings of the 7th ACM CCS International Workshop on Managing Insider Security Threats (ACM MIST '15). Association for Computing Machinery, pp. 21-28, 7th ACM CCS International Workshop on Managing Insider Security Threats (MIST '15), Denver, Colorado, United States, 12/10/2015. https://doi.org/10.1145/2808783.2808787

Modelling Social-Technical Attacks with Timed Automata. / David, Nicolas ; David, Alexandre; Hansen, Rene Rydhof; Larsen, Kim G.; Legay, Axel; Olesen, Mads Christian; Probst, Christian W.

Proceedings of the 7th ACM CCS International Workshop on Managing Insider Security Threats (ACM MIST '15). Association for Computing Machinery, 2015. p. 21-28.

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

TY - GEN

T1 - Modelling Social-Technical Attacks with Timed Automata

AU - David, Nicolas

AU - David, Alexandre

AU - Hansen, Rene Rydhof

AU - Larsen, Kim G.

AU - Legay, Axel

AU - Olesen, Mads Christian

AU - Probst, Christian W.

N1 - Conference code: 7

PY - 2015

Y1 - 2015

N2 - Attacks on a system often exploit vulnerabilities that arise from human behaviour or other human activity. Attacks of this type, so-called socio-technical attacks, cover everything from social engineering to insider attacks, and they can have a devastating impact on an unprepared organisation. In this paper we develop an approach towards modelling socio-technical systems in general and socio-technical attacks in particular, using timed automata and illustrate its application by a complex case study. Thanks to automated model checking and automata theory, we can automatically generate possible attacks in our model and perform analysis and simulation of both model and attack, revealing details about the specific interaction between attacker and victim. Using timed automata also allows for intuitive modelling of systems, in which quantities like time and cost can be easily added and analysed.

AB - Attacks on a system often exploit vulnerabilities that arise from human behaviour or other human activity. Attacks of this type, so-called socio-technical attacks, cover everything from social engineering to insider attacks, and they can have a devastating impact on an unprepared organisation. In this paper we develop an approach towards modelling socio-technical systems in general and socio-technical attacks in particular, using timed automata and illustrate its application by a complex case study. Thanks to automated model checking and automata theory, we can automatically generate possible attacks in our model and perform analysis and simulation of both model and attack, revealing details about the specific interaction between attacker and victim. Using timed automata also allows for intuitive modelling of systems, in which quantities like time and cost can be easily added and analysed.

KW - Insider threats

KW - Timed automata

KW - Attack trees

KW - Attack generation

U2 - 10.1145/2808783.2808787

DO - 10.1145/2808783.2808787

M3 - Article in proceedings

SN - 978-1-4503-3824-0

SP - 21

EP - 28

BT - Proceedings of the 7th ACM CCS International Workshop on Managing Insider Security Threats (ACM MIST '15)

PB - Association for Computing Machinery

T2 - 7th ACM CCS International Workshop on Managing Insider Security Threats (MIST '15)

Y2 - 12 October 2015 through 16 October 2015

ER -