Abstract
Attack trees are an important modeling formalism to identify and quantify attacks on security and privacy. They are very useful as a tool to understand step by step the ways through a system graph that lead to the violation of security policies. In this paper, we present how attacks can be refined based on the violation of a policy. To that end we provide a formal definition of attack trees in Isabelle’s Higher Order Logic: a proof calculus that defines how to refine sequences of attack steps into a valid attack. We use a notion of Kripke semantics as formal foundation that then allows to express attack goals using branching time temporal logic CTL. We illustrate the use of the mechanized Isabelle framework on the example of a privacy attack to an IoT healthcare system.
References
Arnold, F., Hermanns, H., Pulungan, R., Stoelinga, M.: Time-dependent analysis of attacks. In: Abadi, M., Kremer, S. (eds.) POST 2014. LNCS, vol. 8414, pp. 285–305. Springer, Heidelberg (2014). doi:10.1007/978-3-642-54792-8_16
Chen, T., Kammüller, F., Nemli, I., Probst, C.W.: A probabilistic analysis framework for malicious insider threats. In: Tryfonas, T., Askoxylakis, I. (eds.) HAS 2015. LNCS, vol. 9190, pp. 178–189. Springer, Cham (2015). doi:10.1007/978-3-319-20376-8_16
CHIST-ERA. Success: Secure accessibility for the internet of things (2016). http://www.chistera.eu/projects/success
Hempel, C.G., Oppenheim, P.: Studies in the logic of explanation. Philos. Sci. 15, 135–175 (1948)
Jhawar, R., Kordy, B., Mauw, S., Radomirović, S., Trujillo-Rasua, R.: Attack trees with sequential conjunction. In: Federrath, H., Gollmann, D. (eds.) SEC 2015. IFIP AICT, vol. 455, pp. 339–353. Springer, Cham (2015). doi:10.1007/978-3-319-18467-8_23
Kammüller, F.: Isabelle modelchecking for insider threats. In: Livraga, G., Torra, V., Aldini, A., Martinelli, F., Suri, N. (eds.) DPM/QASA -2016. LNCS, vol. 9963, pp. 196–210. Springer, Cham (2016). doi:10.1007/978-3-319-47072-6_13
Kammüller, F.: Isabelle insider framework with Kripke structures, CTL, attack trees and refinement (2017). https://www.dropbox.com/sh/rx8d09pf31cv8bd/AAALKtaP8HMX642fi04Og4NLa?dl=0
Kammüller, F., Kerber, M., Probst, C.: Towards formal analysis of insider threats for auctions. In: 8th ACM CCS International Workshop on Managing Insider Security Threats, MIST 2016. ACM (2016)
Kammüller, F., Nurse, J.R.C., Probst, C.W.: Attack tree analysis for insider threats on the IoT using Isabelle. In: Tryfonas, T. (ed.) HAS 2016. LNCS, vol. 9750, pp. 234–246. Springer, Cham (2016). doi:10.1007/978-3-319-39381-0_21
Kammüller, F., Probst, C.W.: Invalidating policies using structural information. In: IEEE Security and Privacy Workshops (SPW). IEEE (2013)
Kammüller, F., Probst, C.W.: Modeling and verification of insider threats using logical analysis. IEEE Syst. J. Special Issue Insider Threats Inf. Secur., Digit. Espionage, Counter Intell. 11, 534–545 (2017)
Kordy, B., Mauw, S., Radomirovic, S., Schweitzer, P.: Attack-defense trees. J. Logic Comput. 24(1), 55–87 (2014)
Kordy, B., Piètre-Cambacédès, L., Schweitzer, P.: Dag-based attack and defense modeling: don’t miss the forest for the attack trees. Comput. Sci. Rev. 13–14, 1–38 (2014)
Kumar, R., Ruijters, E., Stoelinga, M.: Quantitative attack tree analysis via priced timed automata. In: Sankaranarayanan, S., Vicario, E. (eds.) FORMATS 2015. LNCS, vol. 9268, pp. 156–171. Springer, Cham (2015). doi:10.1007/978-3-319-22975-1_11
Probst, C.W., Kammüller, F., Hansen, R.R.: Formal modelling and analysis of socio-technical systems. In: Probst, C.W., Hankin, C., Hansen, R.R. (eds.) Semantics, Logics, and Calculi. LNCS, vol. 9560, pp. 54–73. Springer, Cham (2016). doi:10.1007/978-3-319-27810-0_3
Schneier, B.: Secrets and Lies: Digital Security in a Networked World. Wiley, New York (2004)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Kammüller, F. (2017). A Proof Calculus for Attack Trees in Isabelle. In: Garcia-Alfaro, J., Navarro-Arribas, G., Hartenstein, H., Herrera-Joancomartí, J. (eds) Data Privacy Management, Cryptocurrencies and Blockchain Technology. DPM CBT 2017 2017. Lecture Notes in Computer Science(), vol 10436. Springer, Cham. https://doi.org/10.1007/978-3-319-67816-0_1
Download citation
DOI: https://doi.org/10.1007/978-3-319-67816-0_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-67815-3
Online ISBN: 978-3-319-67816-0
eBook Packages: Computer ScienceComputer Science (R0)