This book constitutes revised papers from the 6th International Workshop on Graphical Models for Security, GraMSec 2019, held in Hoboken, NJ, USA, in June 2019.  The 8 full papers presented in this volume were carefully reviewed and selected from 15 submissions. The book also contains two invited talk. The contributions deal with the latest research and developments on graphical models for security.

lgli/N:\!genesis_\0day\new030220\springer\10.1007%2F978-3-030-36537-0.pdf

lgrsnf/N:\!genesis_\0day\new030220\springer\10.1007%2F978-3-030-36537-0.pdf

nexusstc/Graphical Models for Security: 6th International Workshop, GraMSec 2019, Hoboken, NJ, USA, June 24, 2019, Revised Papers/fad9012fb0095ac1210ca9a800666d53.pdf

scihub/10.1007/978-3-030-36537-0.pdf

zlib/Computers/Computer Science/Massimiliano Albanese, Ross Horne, Christian W. Probst/Graphical Models for Security: 6th International Workshop, GraMSec 2019, Hoboken, NJ, USA, June 24, 2019, Revised Papers_5400857.pdf

Graphical models for security : second International Workshop, GraMSec 2015, Verona, Italy, July 13, 2015

Massimiliano Albanese,Ross Horne,Christian W. Probst,Gerhard Goos,Juris Hartmanis,Elisa Bertino,Wen Gao,Bernhard Steffen,Gerhard Woeginger,Moti Yung

International Workshop on Graphical Models for Security

Shanling Dong; Zheng-Guang Wu; Peng Shi

S Mauw; Barbara Kordy; Sushil Jajodia

GraMSec (Workshop)

Springer International Publishing AG

Springer Nature Switzerland AG

Lecture Notes in Computer Science 11720, 1st ed. 2019, 2019

Lecture Notes in Computer Science, Cham, Switzerland, 2019

Lecture Notes in Computer Science Ser, Cham, 2020

LNCS sublibrary, 1st ed. 2019, Cham, 2019

Springer Nature, Cham, 2019

Switzerland, Switzerland

Nov 28, 2019

2, 20191127

sm78806811

producers:
Acrobat Distiller 10.0.0 (Windows)

{"container_title":"Lecture Notes in Computer Science","edition":"1","isbns":["3030365360","3030365379","9783030365363","9783030365370"],"issns":["0302-9743","1611-3349"],"publisher":"Springer","series":"Lecture Notes in Computer Science 11720","source":"libgen_rs"}

Source title: Graphical Models for Security: 6th International Workshop, GraMSec 2019, Hoboken, NJ, USA, June 24, 2019, Revised Papers (Lecture Notes in Computer Science (11720))

Preface 6
Organization 8
Contents 10
Invited Papers 11
Graph Models in Tracking Behaviors for Cyber-Security 12
1 Basic Problem Statement 12
2 Graph Theoretic Aspects 13
References 14
Attack-Tree Series: A Case for Dynamic Attack Tree Analysis 16
1 Introduction 16
2 Related Work 17
3 Attributes on Attack-Tree Series 19
3.1 Attack-Tree Series 19
3.2 Attributes 20
4 Usage Scenarios 22
4.1 Highlighting Historical Trends 22
4.2 Other Application Scenarios 25
5 Conclusions 25
References 26
Attack Trees 29
Attack Trees: A Notion of Missing Attacks 30
1 Introduction 30
2 Related Work 32
3 Background on Attack Trees 34
3.1 Attack Trees Informally 34
3.2 Attacks 35
4 Enhancement of the Attack Tree Model 36
4.1 System Modeling with Labeled Transition Systems 36
4.2 Attack Tree Semantics in the Presence of a System Model 39
4.3 System-Based Approach to Classical View on Attack Trees 41
5 Missing Attacks 43
5.1 The Definition of Missing Attacks 43
5.2 The Missing Attack Existence Problem 44
5.3 The NP-hardness of TATM 47
5.4 The NP-membership of TATM 48
5.5 TATM Implementation 52
6 Conclusion and Future Work 53
References 55
Optimizing System Architecture Cost and Security Countermeasures 57
1 Introduction 57
2 State of the Art 58
3 Context 60
4 Contributions 60
4.1 Main Definitions: Adversary, Attack, Countermeasure 60
4.2 Success of Attacks 61
4.3 Attack Tree 62
4.4 Example 62
4.5 Analysis 64
4.6 The Optimization Problem 67
5 Discussions 68
5.1 Independent Attack Steps 68
5.2 SEQUENCE vs AND 69
5.3 A 2-Uple Attacker vs a 3-Uple One 69
6 Case Study 69
7 Conclusion 72
7.1 Automation 73
7.2 Attack-Defense Trees and Fault Trees 73
References 73
Security Analysis of IoT Systems Using Attack Trees 75
1 Introduction 75
2 Probabilistic IoT Models 77
2.1 Processes and States 77
2.2 Operational Semantics 78
3 Attack Trees 81
4 SBIP: A Stochastic Component Based Model 82
4.1 Preliminaries 82
4.2 Stochastic Atomic Components 83
4.3 Semantics of Stochastic Atomic Components 84
4.4 Composition of Stochastic Components 85
5 Transformation from IoT to SBIP 86
6 Evaluating the Probability of an Attack 89
7 Implementation and Experiments 90
8 Related Work 91
9 Conclusion 92
References 100
Attack–Defense Trees for Abusing Optical Power Meters: A Case Study and the OSEAD Tool Experience Report 102
1 Introduction 102
2 Tampering with a Power Meter Scenario 103
2.1 The Set-Up 103
2.2 The Scenario 104
3 Quantitative Analysis of the Tampering Scenario 111
3.1 The Problems of Interest 112
3.2 The Parameters Used 113
3.3 Estimation of Input Values 115
3.4 Debating on the Reliability of the Computation framework 117
4 Optimal Strategies for the Attacker and the Defender 119
4.1 Selection of Optimal Sets of Countermeasures 119
4.2 Attacks Optimizing Single Parameter 120
4.3 Attacks Optimizing Several Parameters 122
5 The OSEAD Tool 124
5.1 OSEAD from the User's Perspective 124
5.2 OSEAD's Performance 125
5.3 Implementation Details 125
6 Conclusion 127
A Optical Power Meter 128
References 129
Risk Management and Attack Graphs 133
Quantifying and Analyzing Information Security Risk from Incident Data 134
1 Introduction 134
2 Background and Related Work 136
3 Method 138
3.1 The Incident Classification and Analysis Scheme 138
3.2 Data Collection 139
3.3 Risk Analysis and Statistics 139
4 The InfoSec Risk Picture at the University 142
4.1 Risks According to the Incident Data 143
4.2 Trends and Predictions 144
5 Risk Analysis and Visualization 148
5.1 Cause and Outcome Analysis 149
5.2 Bow-tie Analysis of Malware Infections 151
5.3 Identifying Assets, Threats and Vulnerabilities 153
6 Discussion, Limitations, and Future Work 154
6.1 Classifying Incidents 155
6.2 The Risk Picture 156
6.3 Risk Visualization 157
7 Conclusion 158
References 159
Poster Support for an Obeya-Like Risk Management Approach 160
1 Introduction 160
2 A Set of Posters to Support Cybersecurity Risk Identification, Assessment and Treatment 162
2.1 Workshop n°1: Framing and Security Baseline 163
2.2 Workshop n°2: Risk Sources 166
2.3 Workshop n°3: Strategic Scenarios 166
2.4 Workshop n°4: Operational Scenarios 170
2.5 Workshop n°5: Risk Treatment 173
3 Discussion 174
3.1 Scalability 174
3.2 Methodological Evaluation 174
3.3 Final Report Generation 174
4 Conclusion 175
Appendixes 176
Overview of the Case-Studies 176
A Bit More About Logistics 177
Complementary Poster Templates in Support of Workshop n°1 177
Examples of Posters Produced During Workshop n°1 179
Complementary Poster Template in Support of Workshop n°2 183
Example of Poster Produced During Workshop n°2 184
Complementary Poster Template in Support of Workshop n°3 185
Example of Poster Produced During Workshop n°3 186
Example of Poster Produced During Workshop n°4 188
Example of Poster Produced During Workshop n°5 189
References 189
Conceptual Abstraction of Attack Graphs - A Use Case of securiCAD 191
1 Introduction 191
2 Related Work 192
3 securiLang 194
4 Attack Graph Abstraction 195
5 Abstracting securiLang 196
6 Evaluating the securiLang Abstraction 199
6.1 The Interviews 199
6.2 The Survey 200
7 Future Work 201
8 Conclusion 202
A Appendix 203
B Appendix 204
References 206
High-Level Automatic Event Detection and User Classification in a Social Network Context 208
1 Introduction 208
2 System Architecture 210
2.1 OSN CRAWLER 212
2.2 Interval Action Detector 212
2.3 High-Level Event Detector 214
2.4 Graphical User Interface (GUI) 217
3 Demo Specifications 218
4 Conclusion and Future Work 218
A The Framework Functionalities 219
A.1 Detection of Low-Level Annotations 219
A.2 Detection of Medium-Level Annotations 219
A.3 Detection of High-Level Event Occurrences 220
A.4 Detection of User Classifications 221
A.5 Automatic High-Level Event Detection 221
A.6 Definition of a New Atomic Predicate 221
A.7 Definition of a New Medium-Level Predicate 222
A.8 Definition of a New High-Level Event Model 222
References 223
Author Index 225

Front Matter ....Pages i-ix
Front Matter ....Pages 1-1
Graph Models in Tracking Behaviors for Cyber-Security (George Cybenko)....Pages 3-6
Attack-Tree Series: A Case for Dynamic Attack Tree Analysis (Olga Gadyatskaya, Sjouke Mauw)....Pages 7-19
Front Matter ....Pages 21-21
Attack Trees: A Notion of Missing Attacks (Sophie Pinchinat, Barbara Fila, Florence Wacheux, Yann Thierry-Mieg)....Pages 23-49
Optimizing System Architecture Cost and Security Countermeasures (Sahar Berro, Ludovic Apvrille, Guillaume Duc)....Pages 50-67
Security Analysis of IoT Systems Using Attack Trees (Delphine Beaulaton, Najah Ben Said, Ioana Cristescu, Salah Sadou)....Pages 68-94
Attack–Defense Trees for Abusing Optical Power Meters: A Case Study and the OSEAD Tool Experience Report (Barbara Fila, Wojciech Wideł)....Pages 95-125
Front Matter ....Pages 127-127
Quantifying and Analyzing Information Security Risk from Incident Data (Gaute Wangen)....Pages 129-154
Poster Support for an Obeya-Like Risk Management Approach (Stéphane Paul, Paul Varela)....Pages 155-185
Conceptual Abstraction of Attack Graphs - A Use Case of securiCAD (Xinyue Mao, Mathias Ekstedt, Engla Ling, Erik Ringdahl, Robert Lagerström)....Pages 186-202
High-Level Automatic Event Detection and User Classification in a Social Network Context (Fabio Persia, Sven Helmer)....Pages 203-219
Back Matter ....Pages 221-221

2019-11-27