Generation of Scenario Graphs Using Model Checking - PowerPoint PPT Presentation

About This Presentation
Title:

Generation of Scenario Graphs Using Model Checking

Description:

Example of Attack Graph Developed by a Professional Red Team ... LICQ remote- to-user. CVE-2001-0439. Local buffer. overflow. CVE-2002-0004. Done! ... – PowerPoint PPT presentation

Number of Views:83
Avg rating:3.0/5.0
Slides: 14
Provided by: olegsh
Learn more at: http://www.cs.cmu.edu
Category:

less

Transcript and Presenter's Notes

Title: Generation of Scenario Graphs Using Model Checking


1
  • Generation of Scenario Graphs Using Model
    Checking
  • Somesh Jha (University of Wisconsin), Oleg
    Sheyner (CMU),
  • Jeannette Wing (CMU)

2
Example of Attack Graph Developed by a
Professional Red Team
  • Sandia Red Team White Board attack tree from
    DARPA CC20008 Information battle space
    preparation experiment

Sandia Red Team White Board attack graph from
DARPA CC20008 Information battle space
preparation experiment
Drawn By Hand
3
Definitions
  • Given
  • a finite state model M
  • a correctness property F
  • An failure scenario is an execution of M that
    violates F.
  • An scenario graph is a set of failure scenarios
    of M.

4
Properties of Scenario Graphs
  • Exhaustive
  • All possible failure scenarios are represented in
    G.
  • Succinct
  • Only relevant states are contained in G.
  • Only relevant transitions are contained in G.

5
Problem Statement
  • Problem Generating scenario graphs by hand is
    tedious, error-prone, and impractical for large
    systems.
  • Our Goal Automate the generation and analysis of
    scenario graphs.
  • Generation
  • Must be fast and completely automatic
  • Must handle large, realistic examples
  • Should guarantee properties of scenario graphs
  • Analysis
  • Enables tool-aided post-generation analysis

6
Overview of Our Method
7
Symbolic Scenario Graph Generation
  • Inputs
  • S, S0 ? S, R ? S X S
  • F AG (unsafe) (a safety property)
  • Output
  • Scenario graph G (Sunsafe, S0F, RF )
  • Algorithm
  • Sunsafe modelCheck(S, S0, R, F)
  • ( Use an iterative algorithm derived from the
    fixpoint characterization of AG operator. )
  • S0F S0 ? Sunsafe
  • RF R ? (Sunsafe X Sunsafe)

8
Explicit-State Scenario Graph Generation
  • Based on Automata-Theoretic Model Checking
  • Interpret both model M and correctness property F
    as Buchi automata.
  • M and F induce languages L(M), L(F).
  • L(M)\L(F) executions of M that violate F.
  • Construct M ? F by computing intersection of
    Buchi automata.
  • F can be any LTL property.

9
Explicit-State Algorithm Illustrated
n
10
Explicit-State Algorithm (Cont.)
Find strongly connected components (SCCs) (R.
Tarjan 72)
a
a
Collect SCCs with acceptance states
a
a
a
Add paths from initial states
d
a
a
b
b
a
c
11
Performance
Linear Regression R2 0.9967
12
State Hashing
13
Example Attack Graph
Security property (LTL) G
(intruder.privilege(host) lt root)
14
Application Attack Graphs
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Generation of Scenario Graphs Using Model Checking" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!