Go with the flow: toward workflow-oriented security assessment

Authors:
Binbin Chen;Zbigniew Kalbarczyk;David M. Nicol;William H. Sanders;Rui Tan;William G. Temple;Nils Ole Tippenhauer;An Hoa Vu;David K.Y. Yau
Affiliations:
Advanced Digital Sciences Center, Singapore, Singapore;University of Illinois at Urbana-Champaign, Urbana-Champaign, IL, USA;University of Illinois at Urbana-Champaign, Urbana-Champaign, IL, USA;University of Illinois at Urbana-Champaign, Urbana-Champaign, IL, USA;Advanced Digital Sciences Center, Singapore, Singapore;Advanced Digital Sciences Center, Singapore, Singapore;Advanced Digital Sciences Center, Singapore, Singapore;Advanced Digital Sciences Center, Singapore, Singapore;Singapore University of Technology and Design, Singapore, Singapore
Venue:
Proceedings of the 2013 workshop on New security paradigms workshop
Year:
2013

Citing 21
Cited 0

A practical approach to security assessment

NSPW '97 Proceedings of the 1997 workshop on New security paradigms
A graph-based system for network-vulnerability analysis

Proceedings of the 1998 workshop on New security paradigms
Automated Generation and Analysis of Attack Graphs

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Execution monitoring of security-critical programs in distributed systems: a Specification-based approach

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Model-Based Evaluation: From Dependability to Security

IEEE Transactions on Dependable and Secure Computing
Ariadne: a secure on-demand routing protocol for ad hoc networks

Wireless Networks
A scalable approach to attack graph generation

Proceedings of the 13th ACM conference on Computer and communications security
Practical Attack Graph Generation for Network Defense

ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Measuring the overall security of network configurations using attack graphs

Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Layering in provenance systems

USENIX'09 Proceedings of the 2009 conference on USENIX Annual technical conference
Energy theft in the advanced metering infrastructure

CRITIS'09 Proceedings of the 4th international conference on Critical information infrastructures security
Business Process-Based Information Security Risk Assessment

NSS '10 Proceedings of the 2010 Fourth International Conference on Network and System Security
Modeling and analyzing faults to improve election process robustness

EVT/WOTE'10 Proceedings of the 2010 international conference on Electronic voting technology/workshop on trustworthy elections
Automatic Generation of Service Availability Models

IEEE Transactions on Services Computing
Foundations of attack-defense trees

FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
An Attack Surface Metric

IEEE Transactions on Software Engineering
Applying a reusable election threat model at the county level

EVT/WOTE'11 Proceedings of the 2011 conference on Electronic voting technology/workshop on trustworthy elections
Model-based Security Metrics Using ADversary VIew Security Evaluation (ADVISE)

QEST '11 Proceedings of the 2011 Eighth International Conference on Quantitative Evaluation of SysTems
Foundations of attack trees

ICISC'05 Proceedings of the 8th international conference on Information Security and Cryptology
A systematic process-model-based approach for synthesizing attacks and evaluating them

EVT/WOTE'12 Proceedings of the 2012 international conference on Electronic Voting Technology/Workshop on Trustworthy Elections
Quantitative questions on attack: defense trees

ICISC'12 Proceedings of the 15th international conference on Information Security and Cryptology

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper we advocate the use of workflow---describing how a system provides its intended functionality---as a pillar of cybersecurity analysis and propose a holistic workflow-oriented assessment framework. While workflow models are currently used in the area of performance and reliability assessment, these approaches are designed neither to assess a system in the presence of an active attacker, nor to assess security aspects such as confidentiality. On the other hand, existing security assessment methods typically focus on modeling the active attacker (e.g., attack graphs), but many rely on restrictive models that are not readily applicable to complex (e.g., cyber-physical or cyber-human) systems. By "going with the flow," our assessment framework can naturally adopt a holistic view of such systems, unifying information about system components, their properties, and possible attacks to argue about a security goal. The argument is expressed in a graph structure, based on inputs from several distinct classes that are integrated in a systematic manner. That rigorous structure allows our approach to provide quantitative assessment in an automated fashion (like reliability assessment tools and attack graphs), while maintaining a broad assessment scope. We demonstrate our security assessment process using the case of Advanced Metering Infrastructure in a smart power grid and obtain quantitative results for system availability and confidentiality.