
A Proof Calculus for Attack Trees in Isabelle

  • Conference paper
  • Data Privacy Management, Cryptocurrencies and Blockchain Technology (DPM 2017, CBT 2017)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 10436)

Abstract

Attack trees are an important modeling formalism for identifying and quantifying attacks on security and privacy. They are very useful as a tool for understanding, step by step, the paths through a system graph that lead to the violation of security policies. In this paper, we present how attacks can be refined based on the violation of a policy. To that end we provide a formal definition of attack trees in Isabelle’s Higher Order Logic: a proof calculus that defines how to refine sequences of attack steps into a valid attack. We use a notion of Kripke semantics as the formal foundation, which then allows attack goals to be expressed in the branching-time temporal logic CTL. We illustrate the use of the mechanized Isabelle framework on the example of a privacy attack on an IoT healthcare system.



Author information

Corresponding author: Florian Kammüller.

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Kammüller, F. (2017). A Proof Calculus for Attack Trees in Isabelle. In: Garcia-Alfaro, J., Navarro-Arribas, G., Hartenstein, H., Herrera-Joancomartí, J. (eds) Data Privacy Management, Cryptocurrencies and Blockchain Technology. DPM CBT 2017. Lecture Notes in Computer Science, vol 10436. Springer, Cham. https://doi.org/10.1007/978-3-319-67816-0_1

  • DOI: https://doi.org/10.1007/978-3-319-67816-0_1
  • Publisher Name: Springer, Cham
  • Print ISBN: 978-3-319-67815-3
  • Online ISBN: 978-3-319-67816-0
  • eBook Packages: Computer Science (R0)
