Towards Modelling Information Security with Key-Challenge Petri Nets Teijo Venäläinen


1 Towards Modelling Information Security with Key-Challenge Petri Nets Teijo Venäläinen teijo.v.o.venalainen@jyu.fi

2 Contents
- Introduction
- Various modelling methods
- Graph based modelling
- Key-Challenge Petri Nets

3 Introduction
- Since 7/2006 in Information Technology Research Institute (ITRI), Agora, JYU
- Doctoral studies since 2009
- Goal is to find a method for measuring information security (IS)
- Modelling and Simulation (M&S)

4 Motivation for testing/modelling
- Testing a system in use is not a feasible option => damage
- Real system must be replicated (modelled) somehow
- Testing is done with the modelled system
- How accurately does the model represent the real system?

5 Resulting information
- For the whole system or a single component, the following results are interesting:
  – Mean time between failure (against attacks)
  – Success probability of attacks
  – Damage (performance degradation, money, …)
  – Attack route, i.e. how the attack progresses
  – And more …

6 Testing methods
- There are different methods, which vary in [1]:
  – "Target audience"
  – Human involvement during testing
  – Detail level
- Role playing, "Packet wars", network design tools
- Mathematical modelling, state machines, graph based modelling

7 Role playing
- Scenario-based training exercises
- High abstraction level
- Test the strategic decision making process of personnel and organizations
- Computers not necessary, "pencil & paper"
- Target audience: high level decision makers
- Does not provide technical IS information

8 "Packet wars"
- Real network with real users, a dedicated test network in a laboratory
- Two teams: attackers and defenders
- Highly accurate method but costly
- Target audience: IS professionals

9 Network design tools
- Accurate modelling of networks and normal activities
- Attack modelling is limited => limited results
- No human involvement during testing, only simulation
- Target audience: IS professionals, network designers

10 Mathematical modelling, state machines, graph based models
- Also approximations of the real system
- Provide results faster through simulation
- Cheap
- Easily modifiable

11 Modelling & simulation
[Diagram labels: Model, System description, Simulation]

12 Graph based modelling
- A network attack is usually a series of interdependent actions leading to a goal (= breach in security)
- Actions are illustrated using nodes and arcs => an attack graph (AG)
- Assign conditions (e.g. probability) on traversing between nodes
- Usually from the attacker's point of view
- Simulate by starting from a node and moving towards the goal node(s)

13 Attack tree
Source: [2]

14 Challenges
- The system must be described at an adequate level of accuracy. Scalability with large networks?
- Valid input parameters (From where? How?)
- Usability
- Attacker's and defender's interaction (game theory?)
- Creating graphs is labor intensive => automatic tools

15 Petri Nets
- Place (input/output): holds tokens
- Arc: connects places and transitions
- Transition: lets a token pass through if conditions are met
- Token: moves from place to place

16 Key-Challenge Petri Nets (KCPN)
- A modelling method under development
- Based on Petri nets
- KCPN graph is created using network and vulnerability information
- Conditions for transitions = key-challenge
  – challenge = security measure
  – key = means to circumvent/break the security measure

17 KCPN: overview
- Hierarchical, i.e. modelling may be performed at various abstraction levels
- Modular structure
- Place = network device or attack action
- Arc = physical connection of devices or causal relation of attack actions
- Transition = challenge (security measure)

18 KCPN: simulation
- Attacker collects keys that allow him to progress in the graph
- Variables may be assigned for transitions
  – Probability of being detected
  – Duration of an attack action (time distribution)
  – Cost, skill level, etc.
- It is possible to perform an attack action without the required keys but with a greater cost/duration

19 KCPN: results
- Simulation results include:
  – Probability of success of an entire attack
  – The most vulnerable attack path
  – The duration of the entire attack
- Results may be used as input data within the model (simulate modules independently)
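
The simulation and results described on slides 18 and 19, as an added Python example that is not part of the original presentation: a token moves through a small constructed net, collecting keys at each place, and a Monte Carlo run estimates the success probability, the most frequently successful path and the mean attack duration. The place and key names, the PENALTY multiplier, the uniform random choice among outgoing transitions and the exponential duration distribution are all assumptions made for illustration.

```python
import random
from collections import Counter, namedtuple

# Transition = challenge on an arc; p_detect and hours apply when the key is held.
Transition = namedtuple("Transition", "src dst challenge key p_detect hours")
PENALTY = 4.0  # assumed multiplier on detection risk and duration without the key
# Constructed sample net: places are devices, KEYS_AT lists keys found at a place.
KEYS_AT = {"internet": {"vpn_credential"}, "workstation": {"admin_credential"}}
NET = [
    Transition("internet", "workstation", "vpn_login", "vpn_credential", 0.05, 2.0),
    Transition("workstation", "fileserver", "share_acl", "admin_credential", 0.10, 1.0),
    Transition("internet", "fileserver", "firewall", "fw_exception", 0.20, 6.0),
]

def fire_params(t, keys):
    """Detection probability and mean duration for attempting transition t."""
    if t.key in keys:
        return t.p_detect, t.hours
    return min(1.0, t.p_detect * PENALTY), t.hours * PENALTY

def run_once(net, start, goal, rng):
    """Move one token from start to goal; return (path, hours) or None on failure."""
    place, keys, path, hours = start, set(), [start], 0.0
    while place != goal:
        keys |= KEYS_AT.get(place, set())           # attacker collects keys here
        options = [t for t in net if t.src == place and t.dst not in path]
        if not options:
            return None                             # dead end
        t = rng.choice(options)
        p_detect, mean_hours = fire_params(t, keys)
        hours += rng.expovariate(1.0 / mean_hours)  # duration from a time distribution
        if rng.random() < p_detect:
            return None                             # challenge held: attack detected
        place = t.dst
        path.append(place)
    return tuple(path), hours

def simulate(net, start, goal, runs=20000, seed=1):
    rng = random.Random(seed)
    wins = [r for r in (run_once(net, start, goal, rng) for _ in range(runs)) if r]
    paths = Counter(p for p, _ in wins)
    return {
        "p_success": len(wins) / runs,
        "most_vulnerable_path": paths.most_common(1)[0][0] if wins else None,
        "mean_hours": sum(h for _, h in wins) / len(wins) if wins else None,
    }

if __name__ == "__main__":
    print(simulate(NET, "internet", "fileserver"))
```

Lowering `p_detect` or removing a key from `KEYS_AT` and re-running shows how a single security measure shifts the success probability and the preferred path.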

20 KCPN: example
- Two hierarchy levels:
  – Topology level (physical world)
  – Attack action level (abstract world)
- Multiple network devices lumped into a single node (Hosts)
- Devices with similar connections, OS, software, etc. => lumped together

21 KCPN: the physical network

22 KCPN: the graph

23 Sources
- [1] J. Saunders. Simulation Approaches in Information Security Education. Proceedings of 6th National Colloquium for Information System Security Education, 2002.
- [2] Bruce Schneier. Attack Trees. SANS Network Security 1999. http://www.cs.utk.edu/~dunigan/cns06/attacktrees.pdf

24 Thank You!

