Search

Your search keyword '"Kordy, Barbara"' showing total 93 results
Start Over Author "Kordy, Barbara"
93 results on '"Kordy, Barbara"'

1. Is my attack tree correct? Extended version

Author

Audinot, Maxime, Pinchinat, Sophie, and Kordy, Barbara

Subjects
Computer Science - Cryptography and Security
Abstract

Attack trees are a popular way to represent and evaluate potential security threats on systems or infrastructures. The goal of this work is to provide a framework allowing to express and check whether an attack tree is consistent with the analyzed system. We model real systems using transition systems and introduce attack trees with formally specified node labels. We formulate the correctness properties of an attack tree with respect to a system and study the complexity of the corresponding decision problems. The proposed framework can be used in practice to assist security experts in manual creation of attack trees and enhance development of tools for automated generation of attack trees.

Published
2017

2. Attack Trees with Sequential Conjunction

Author

Jhawar, Ravi, Kordy, Barbara, Mauw, Sjouke, Radomirovic, Sasa, and Trujillo-Rasua, Rolando

Subjects
Computer Science - Cryptography and Security
Abstract

We provide the first formal foundation of SAND attack trees which are a popular extension of the well-known attack trees. The SAND attack tree formalism increases the expressivity of attack trees by introducing the sequential conjunctive operator SAND. This operator enables the modeling of ordered events. We give a semantics to SAND attack trees by interpreting them as sets of series-parallel graphs and propose a complete axiomatization of this semantics. We define normal forms for SAND attack trees and a term rewriting system which allows identification of semantically equivalent trees. Finally, we formalize how to quantitatively analyze SAND attack trees using attributes., Comment: This is an extended version of the work published at IFIP SEC 2015

Published
2015

3. Proceedings First International Workshop on Graphical Models for Security

Author

Kordy, Barbara, Mauw, Sjouke, and Pieters, Wolter

Subjects
Computer Science - Cryptography and Security
Abstract

The present volume contains the proceedings of the First International Workshop on Graphical Models for Security (GraMSec'14). The workshop was held in Grenoble, France, on April 12, 2014, as one of the satellite events of the European Joint Conferences on Theory and Practice of Software 2014 (ETAPS'14). Graphical security models provide an intuitive but systematic methodology to analyze security weaknesses of systems and to evaluate potential protection measures. Such models have been subject of academic research and they have also been widely accepted by the industrial sector, as a means to support and facilitate threat analysis and risk management processes. The objective of GraMSec is to contribute to the development of well-founded graphical security models, efficient algorithms for their analysis, as well as methodologies for their practical usage. The workshop brings together academic researchers and industry practitioners designing and employing visual models for security in order to provide a platform for discussion, knowledge exchange and collaborations.

Published
2014
Full Text
View/download PDF

4. ADTool: Security Analysis with Attack-Defense Trees (Extended Version)

Author

Kordy, Barbara, Kordy, Piotr, Mauw, Sjouke, and Schweitzer, Patrick

Subjects
Computer Science - Cryptography and Security, Computer Science - Computer Science and Game Theory
Abstract

The ADTool is free, open source software assisting graphical modeling and quantitative analysis of security, using attack-defense trees. The main features of the ADTool are easy creation, efficient editing, and automated bottom-up evaluation of security-relevant measures. The tool also supports the usage of attack trees, protection trees and defense trees, which are all particular instances of attack-defense trees., Comment: This is an extended version of the tool demonstration paper accepted for publication at the 10th International Conference on Quantitative Evaluation of SysTems (QEST 2013)

Published
2013

5. DAG-Based Attack and Defense Modeling: Don't Miss the Forest for the Attack Trees

Author

Kordy, Barbara, Piètre-Cambacédès, Ludovic, and Schweitzer, Patrick

Subjects
Computer Science - Cryptography and Security
Abstract

This paper presents the current state of the art on attack and defense modeling approaches that are based on directed acyclic graphs (DAGs). DAGs allow for a hierarchical decomposition of complex scenarios into simple, easily understandable and quantifiable actions. Methods based on threat trees and Bayesian networks are two well-known approaches to security modeling. However there exist more than 30 DAG-based methodologies, each having different features and goals. The objective of this survey is to present a complete overview of graphical attack and defense modeling techniques based on DAGs. This consists of summarizing the existing methodologies, comparing their features and proposing a taxonomy of the described formalisms. This article also supports the selection of an adequate modeling technique depending on user requirements.

Published
2013

6. On Quantitative Analysis of Attack–Defense Trees with Repeated Labels

Author

Kordy, Barbara, Wideł, Wojciech, Hutchison, David, Series Editor, Kanade, Takeo, Series Editor, Kittler, Josef, Series Editor, Kleinberg, Jon M., Series Editor, Mattern, Friedemann, Series Editor, Mitchell, John C., Series Editor, Naor, Moni, Series Editor, Pandu Rangan, C., Series Editor, Steffen, Bernhard, Series Editor, Terzopoulos, Demetri, Series Editor, Tygar, Doug, Series Editor, Weikum, Gerhard, Series Editor, Bauer, Lujo, editor, and Küsters, Ralf, editor

Published
2018
Full Text
View/download PDF

7. Evil Twins: Handling Repetitions in Attack–Defense Trees : A Survival Guide

Author

Bossuat, Angèle, Kordy, Barbara, Hutchison, David, Series Editor, Kanade, Takeo, Series Editor, Kittler, Josef, Series Editor, Kleinberg, Jon M., Series Editor, Mattern, Friedemann, Series Editor, Mitchell, John C., Series Editor, Naor, Moni, Series Editor, Pandu Rangan, C., Series Editor, Steffen, Bernhard, Series Editor, Terzopoulos, Demetri, Series Editor, Tygar, Doug, Series Editor, Weikum, Gerhard, Series Editor, Liu, Peng, editor, Mauw, Sjouke, editor, and Stolen, Ketil, editor

Published
2018
Full Text
View/download PDF

8. Quantitative Questions on Attack-Defense Trees

Author

Kordy, Barbara, Mauw, Sjouke, and Schweitzer, Patrick

Subjects
Computer Science - Cryptography and Security
Abstract

Attack-defense trees are a novel methodology for graphical security modeling and assessment. The methodology includes visual, intuitive tree models whose analysis is supported by a rigorous mathematical formalism. Both, the intuitive and the formal components of the approach can be used for quantitative analysis of attack-defense scenarios. In practice, we use intuitive questions to ask about aspects of scenarios we are interested in. Formally, a computational procedure, defined with the help of attribute domains and a bottom-up algorithm, is applied to derive the corresponding numerical values. This paper bridges the gap between the intuitive and the formal way of quantitatively assessing attack-defense scenarios. We discuss how to properly specify a question, so that it can be answered unambiguously. Given a well specified question, we then show how to derive an appropriate attribute domain which constitutes the corresponding formal model. Since any attack tree is in particular an attack-defense tree, our analysis is also an advancement of the attack tree methodology., Comment: technical report including formal pruning and additional figures

Published
2012

9. Attack--Defense Trees and Two-Player Binary Zero-Sum Extensive Form Games Are Equivalent - Technical Report with Proofs

Author

Kordy, Barbara, Mauw, Sjouke, Melissen, Matthijs, and Schweitzer, Patrick

Subjects
Computer Science - Cryptography and Security, Computer Science - Computer Science and Game Theory
Abstract

Attack--defense trees are used to describe security weaknesses of a system and possible countermeasures. In this paper, the connection between attack--defense trees and game theory is made explicit. We show that attack--defense trees and binary zero-sum two-player extensive form games have equivalent expressive power when considering satisfiability, in the sense that they can be converted into each other while preserving their outcome and their internal structure., Comment: Added link to springerlink; Proceedings of GameSec 2010

Published
2010
Full Text
View/download PDF

10. How Well Can I Secure My System?

Author

Kordy, Barbara, Wideł, Wojciech, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Polikarpova, Nadia, editor, and Schneider, Steve, editor

Published
2017
Full Text
View/download PDF

11. Is My Attack Tree Correct?

Author

Audinot, Maxime, Pinchinat, Sophie, Kordy, Barbara, Hutchison, David, Series Editor, Kanade, Takeo, Series Editor, Kittler, Josef, Series Editor, Kleinberg, Jon M., Series Editor, Mattern, Friedemann, Series Editor, Mitchell, John C., Series Editor, Naor, Moni, Series Editor, Pandu Rangan, C., Series Editor, Steffen, Bernhard, Series Editor, Terzopoulos, Demetri, Series Editor, Tygar, Doug, Series Editor, Weikum, Gerhard, Series Editor, Foley, Simon N., editor, Gollmann, Dieter, editor, and Snekkenes, Einar, editor

Published
2017
Full Text
View/download PDF

12. How to Handle Rainbow Tables with External Memory

Author

Avoine, Gildas, Carpent, Xavier, Kordy, Barbara, Tardif, Florent, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Pieprzyk, Josef, editor, and Suriadi, Suriadi, editor

Published
2017
Full Text
View/download PDF

13. SPTool – Equivalence Checker for Attack Trees

Author

Kordy, Barbara, Kordy, Piotr, van den Boom, Yoann, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Cuppens, Frédéric, editor, Cuppens, Nora, editor, Lanet, Jean-Louis, editor, and Legay, Axel, editor

Published
2017
Full Text
View/download PDF

15. A Probabilistic Framework for Security Scenarios with Dependent Actions

Author

Kordy, Barbara, Pouly, Marc, Schweitzer, Patrick, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Kobsa, Alfred, Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Albert, Elvira, editor, and Sekerinski, Emil, editor

Published
2014
Full Text
View/download PDF

17. ADTool: Security Analysis with Attack–Defense Trees

Author

Kordy, Barbara, Kordy, Piotr, Mauw, Sjouke, Schweitzer, Patrick, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Joshi, Kaustubh, editor, Siegle, Markus, editor, Stoelinga, Mariëlle, editor, and D’Argenio, Pedro R., editor

Published
2013
Full Text
View/download PDF

18. Quantitative Questions on Attack–Defense Trees

Author

Kordy, Barbara, Mauw, Sjouke, Schweitzer, Patrick, Hutchison, David, editor, Kanade, Takeo, editor, Kittler, Josef, editor, Kleinberg, Jon M., editor, Mattern, Friedemann, editor, Mitchell, John C., editor, Naor, Moni, editor, Nierstrasz, Oscar, editor, Pandu Rangan, C., editor, Steffen, Bernhard, editor, Sudan, Madhu, editor, Terzopoulos, Demetri, editor, Tygar, Doug, editor, Vardi, Moshe Y., editor, Weikum, Gerhard, editor, Kwon, Taekyoung, editor, Lee, Mun-Kyu, editor, and Kwon, Daesung, editor

Published
2013
Full Text
View/download PDF

20. Computational Aspects of Attack–Defense Trees

Author

Kordy, Barbara, Pouly, Marc, Schweitzer, Patrick, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Sudan, Madhu, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Vardi, Moshe Y., Series editor, Weikum, Gerhard, Series editor, Bouvry, Pascal, editor, Kłopotek, Mieczysław A., editor, Leprévost, Franck, editor, Marciniak, Małgorzata, editor, Mykowiecka, Agnieszka, editor, and Rybiński, Henryk, editor

Published
2012
Full Text
View/download PDF

21. Foundations of Attack–Defense Trees

Author

Kordy, Barbara, Mauw, Sjouke, Radomirović, Saša, Schweitzer, Patrick, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Sudan, Madhu, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Vardi, Moshe Y., Series editor, Weikum, Gerhard, Series editor, Degano, Pierpaolo, editor, Etalle, Sandro, editor, and Guttman, Joshua, editor

Published
2011
Full Text
View/download PDF

22. Attack–Defense Trees and Two-Player Binary Zero-Sum Extensive Form Games Are Equivalent

Author

Kordy, Barbara, Mauw, Sjouke, Melissen, Matthijs, Schweitzer, Patrick, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Sudan, Madhu, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Vardi, Moshe Y., Series editor, Weikum, Gerhard, Series editor, Alpcan, Tansu, editor, Buttyán, Levente, editor, and Baras, John S., editor

Published
2010
Full Text
View/download PDF

23. A Rewrite Approach for Pattern Containment

Author

Kordy, Barbara, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Nierstrasz, Oscar, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Sudan, Madhu, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Vardi, Moshe Y., Series editor, Weikum, Gerhard, Series editor, Corradini, Andrea, editor, and Montanari, Ugo, editor

Published
2009
Full Text
View/download PDF

31. Enterprise Architecture-Based Risk and Security Modelling and Analysis

Author

Jonkers, Henk, Quartel, Dick, Kordy, Barbara, Ekstedt, Mathias, and Seong Kim, Deng

Subjects
Enterprise architecture framework, METIS-318505, Knowledge management, business.industry, Risk analysis, Sherwood Applied Business Security Architecture, Enterprise integration, Enterprise architecture, ArchiMate, Enterprise information security architecture, Enterprise modelling, EC Grant Agreement nr.: FP7/318003, Enterprise architecture management, Risk analysis (engineering), Enterprise life cycle, EC Grant Agreement nr.: FP7/2007-2013, Risk and security modelling, EWI-27179, IR-101091, Business, Enterprise Architecture
Abstract

The growing complexity of organizations and the increasing number of sophisticated cyber attacks asks for a systematic and integral approach to Enterprise Risk and Security Management (ERSM). As enterprise architecture offers the necessary integral perspective, including the business and IT aspects as well as the business motivation, it seems natural to integrate risk and security aspects in the enterprise architecture. In this paper we show how the ArchiMate standard for enterprise architecture modelling can be used to support risk and security modelling and analysis throughout the ERSM cycle, covering both risk assessment and security deployment.

Published
2016

32. On Quantitative Analysis of Attack-Defense Trees with Repeated Labels

Author

Wideł, Wojciech, Kordy, Barbara, Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES), EMbedded SEcurity and Cryptography (EMSEC), SYSTÈMES LARGE ÉCHELLE (IRISA-D1), Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), CentraleSupélec-Télécom Bretagne-Université de Rennes 1 (UR1), Université de Rennes (UNIV-RENNES)-Université de Rennes (UNIV-RENNES)-Institut National de Recherche en Informatique et en Automatique (Inria)-École normale supérieure - Rennes (ENS Rennes)-Université de Bretagne Sud (UBS)-Centre National de la Recherche Scientifique (CNRS)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-CentraleSupélec-Télécom Bretagne-Université de Rennes 1 (UR1), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA), Institut National des Sciences Appliquées (INSA), Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS), and Wideł, Wojciech

Subjects
[INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], ComputingMilieux_MISCELLANEOUS, [INFO.INFO-CR] Computer Science [cs]/Cryptography and Security [cs.CR]
Abstract

International audience

Published
2018

34. ADTool

Author

Kordy, Barbara, Kordy, Piotr, Mauw, Sjouke, Schweitzer, Patrick, Joshi, Kaustubh, Siegle, Markus, Stoelinga, Mariëlle, and d' Argenio, Pedro R.

Subjects
Security analysis, Computer science, Attack tree, 0102 computer and information sciences, 02 engineering and technology, Open source software, computer.software_genre, 01 natural sciences, EC Grant Agreement nr.: FP7/318003, Domain class, Quantitative analysis (finance), 010201 computation theory & mathematics, 0202 electrical engineering, electronic engineering, information engineering, EC Grant Agreement nr.: FP7/2007-2013, 020201 artificial intelligence & image processing, Attribute domain, Data mining, computer
Abstract

ADTool is free, open source software assisting graphical modeling and quantitative analysis of security, using attack---defense trees. The main features of ADTool are easy creation, efficient editing, and automated bottom-up evaluation of security-relevant measures. The tool also supports the usage of attack trees, protection trees and defense trees, which are all particular instances of attack---defense trees.

Published
2013

35. Graphical Models for Security: Third International Workshop, GraMSec 2016, Lisbon, Portugal, June 27, 2016, Revised Selected Papers

Author

Kordy, Barbara, Mathias, Ekstedt, Dong Seong, Kim, EMbedded SEcurity and Cryptography (EMSEC), SYSTÈMES LARGE ÉCHELLE (IRISA-D1), Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS), Royal Institute of Technology [Stockholm] (KTH ), University of Canterbury [Christchurch], Barbara Kordy, Mathias Ekstedt, Dong Seong Kim, European Project: 318003,EC:FP7:ICT,FP7-ICT-2011-8,TRESPASS(2012), CentraleSupélec-Télécom Bretagne-Université de Rennes 1 (UR1), Université de Rennes (UNIV-RENNES)-Université de Rennes (UNIV-RENNES)-Institut National de Recherche en Informatique et en Automatique (Inria)-École normale supérieure - Rennes (ENS Rennes)-Université de Bretagne Sud (UBS)-Centre National de la Recherche Scientifique (CNRS)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-CentraleSupélec-Télécom Bretagne-Université de Rennes 1 (UR1), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), and Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)

Subjects
ACM: H.: Information Systems, [INFO]Computer Science [cs], ComputingMilieux_MISCELLANEOUS
Abstract

International audience

Published
2016

36. SPTool - Equivalence Checker for SAND Attack Trees

Author

Kordy, Barbara, Piotr, Kordy, Yoann, van den Boom, EMbedded SEcurity and Cryptography (EMSEC), SYSTÈMES LARGE ÉCHELLE (IRISA-D1), Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), CentraleSupélec-Télécom Bretagne-Université de Rennes 1 (UR1), Université de Rennes (UNIV-RENNES)-Université de Rennes (UNIV-RENNES)-Institut National de Recherche en Informatique et en Automatique (Inria)-École normale supérieure - Rennes (ENS Rennes)-Université de Bretagne Sud (UBS)-Centre National de la Recherche Scientifique (CNRS)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-CentraleSupélec-Télécom Bretagne-Université de Rennes 1 (UR1), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA), Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), and Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)

Subjects
Maude, Attack trees, canonical form, SAND, SPTool, equivalence, axiomatization, [INFO]Computer Science [cs], ComputingMilieux_MISCELLANEOUS, sequential operator, rewriting
Abstract

International audience

Published
2016

37. Graphical Models for Security

Author

Kordy, Barbara, Mauw, Sjouke, JAJODIA, Sushil, EMbedded SEcurity and Cryptography (EMSEC), SYSTÈMES LARGE ÉCHELLE (IRISA-D1), Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS), Interdisciplinary Centre for Security, Reliability and Trust [Luxembourg] (SnT), Université du Luxembourg (Uni.lu), Center for Secure Information Systems [Fairfax], George Mason University [Fairfax], Sjouke Mauw, Barbara Kordy, Sushil Jajodia, European Project: 318003,EC:FP7:ICT,FP7-ICT-2011-8,TRESPASS(2012), CentraleSupélec-Télécom Bretagne-Université de Rennes 1 (UR1), Université de Rennes (UNIV-RENNES)-Université de Rennes (UNIV-RENNES)-Institut National de Recherche en Informatique et en Automatique (Inria)-École normale supérieure - Rennes (ENS Rennes)-Université de Bretagne Sud (UBS)-Centre National de la Recherche Scientifique (CNRS)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-CentraleSupélec-Télécom Bretagne-Université de Rennes 1 (UR1), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), and Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)

Subjects
graphical modeling, risk assessment, [INFO]Computer Science [cs], security
Abstract

International audience; This volume constitutes the thoroughly refereed post-conference proceedings of the Second International Workshop on Graphical Models for Security, GraMSec 2015, held in Verona, Italy, in July 2015.The 5 revised full papers presented together with one short tool paper and one invited article were carefully reviewed and selected from 13 submissions. The GraMSec workshop contributes to the development of well-founded graphical security models, efficient algorithms for their analysis, as well as methodologies for their practical usage, thus providing an intuitive but systematic methodology to analyze security weaknesses of systems and to evaluate potential protection measures.

Published
2016

38. The Attack Navigator (Invited)

Author

Probst, Christian W., Willemson, Jan, Pieters, Wolter, Mauw, Sjouke, Kordy, Barbara, and Jajodia, Sushil

Subjects
METIS-316832, EWI-26713, Attack Navigator, EC Grant Agreement nr.: FP7/318003, EC Grant Agreement nr.: FP7/2007-2013, IR-100407
Abstract

The need to assess security and take protection decisions is at least as old as our civilisation. However, the complexity and develop-ment speed of our interconnected technical systems have surpassed our capacity to imagine and evaluate risk scenarios. This holds in particular for risks that are caused by the strategic behaviour of adversaries. There-fore, technology-supported methods are needed to help us identify and manage these risks. In this paper, we describe the attack navigator: a graph-based approach to security risk assessment inspired by navigation systems. Based on maps of a socio-technical system, the attack navigator identi﬿es routes to an attacker goal. Speci﬿c attacker properties such as skill or resources can be included through attacker pro﬿les. This enables defenders to explore attack scenarios and the effectiveness of defense alternatives under different threat conditions.

Published
2016

39. Bridging two worlds: Reconciling practical risk assessment methodologies with theory of attack trees

Author

Gadyatskaya, Olga, Harpes, Carlo, Mauw, Sjouke, Muller, Cedric, Muller, Steve, Kordy, Barbara, Ekstedt, Mathias, Kim, Dong Seong, European Commission - EC [sponsor], and Interdisciplinary Centre for Security, Reliability and Trust - SnT [research center]

Subjects
Engineering, Bridging (networking), Optimization problem, Operations research, Attack tree, 02 engineering and technology, Bridge (nautical), Order (exchange), 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, METIS-318530, EWI-27242, Computer science [C05] [Engineering, computing & technology], business.industry, risk assessment, countermeasure selection, IR-101549, Sciences informatiques [C05] [Ingénierie, informatique & technologie], EC Grant Agreement nr.: FP7/2007–2013, Residual risk, EC Grant Agreement nr.: FP7/318003, Countermeasure, 020201 artificial intelligence & image processing, Risk assessment, business, attack trees
Abstract

Security risk treatment often requires a complex cost-benefit analysis to be carried out in order to select countermeasures that optimally reduce risks while having minimal costs. According to ISO/IEC 27001, risk treatment relies on catalogues of countermeasures, and the analysts are expected to estimate the residual risks. At the same time, recent advancements in attack tree theory provide elegant solutions to this optimization problem. In this short paper we propose to bridge the gap between these two worlds by introducing optimal countermeasure selection problem on attack-defense trees into the TRICK security risk assessment methodology.

Published
2016

40. From A to Z: Developing a Visual Vocabulary for Information Security Threat Visualisation

Author

Li, Eric, Barendse, Jeroen, Brodbeck, Frederic, Tanner, Axel, Kordy, Barbara, Ekstedt, Mathias, and Kim, Dong Seong

Subjects
Difficult problem, Vocabulary, Computer science, media_common.quotation_subject, Attack tree, Information security, Attack graph, Data science, Visualization, Variety (cybernetics), World Wide Web, Attack model, IR-101550, EC Grant Agreement nr.: FP7/318003, EC Grant Agreement nr.: FP7/2007-2013, EWI-27244, METIS-318532, media_common
Abstract

Security visualisation is a very difficult problem due to its inherent need to represent complexity and to be flexible for a wide range of applications. As a result, many current approaches are not particularly effective. This paper presents several novel approaches for visualising information security threats which aim to create a flexible and effective basis for creating semantically rich threat visualisation diagrams. By presenting generalised approaches, these ideas can be applied to a wide variety of situations, as demonstrated in two specific visualisations: one for visualising attack trees, the other for visualising attack graphs. It concludes by discussing future work and introducing a novel exploration of attack models.

Published
2016

41. Transforming Graphical System Models To Graphical Attack Models

Author

Ivanova, Marieta Georgieva, Probst, Christian W., Hansen, René Rydhof, Kammüller, Florian, Mauw, Sjouke, Kordy, Barbara, and Jajodia, Sushil

Subjects
Engineering, Basis (linear algebra), business.industry, Attack tree, 020207 software engineering, 02 engineering and technology, Asset (computer security), computer.software_genre, Structuring, Attack model, Identification (information), EC Grant Agreement nr.: FP7/318003, 0202 electrical engineering, electronic engineering, information engineering, EC Grant Agreement nr.: FP7/2007-2013, 020201 artificial intelligence & image processing, Data mining, business, Representation (mathematics), Software engineering, computer
Abstract

Manually identifying possible attacks on an organisation is a complex undertaking; many different factors must be considered, and the resulting attack scenarios can be complex and hard to maintain as the organisation changes. System models provide a systematic representation of organisations that helps in structuring attack identification and can integrate physical, virtual, and social components. These models form a solid basis for guiding the manual identification of attack scenarios. Their main benefit, however, is in the analytic generation of attacks. In this work we present a systematic approach to transforming graphical system models to graphical attack models in the form of attack trees. Based on an asset in the model, our transformations result in an attack tree that represents attacks by all possible actors in the model, after which the actor in question has obtained the asset.

Published
2015

42. Vers un outil de vérification formelle légere pour OCaml

Author

Genet, Thomas, Kordy, Barbara, Vansyngel, Amaury, Software certification with semantic analysis (CELTIQUE), Inria Rennes – Bretagne Atlantique, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-LANGAGE ET GÉNIE LOGICIEL (IRISA-D4), Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS), University of Luxembourg [Luxembourg], Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA), LANGAGE ET GÉNIE LOGICIEL (IRISA-D4), Université de Rennes 1 (UR1), Université de Rennes (UNIV-RENNES)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Université de Rennes 1 (UR1), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Institut de Recherche en Informatique et Systèmes Aléatoires (IRISA), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-Université de Bretagne Sud (UBS)-École normale supérieure - Rennes (ENS Rennes)-Institut National de Recherche en Informatique et en Automatique (Inria)-Télécom Bretagne-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS)-Inria Rennes – Bretagne Atlantique, Institut National de Recherche en Informatique et en Automatique (Inria), and Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)

Subjects
[INFO.INFO-FL]Computer Science [cs]/Formal Languages and Automata Theory [cs.FL], [INFO.INFO-SE]Computer Science [cs]/Software Engineering [cs.SE]
Abstract

National audience; Si l'on décrit , par une grammaire, l'ensemble des entrées possibles d'un programme fonc-tionnel, peut-on connaˆtre la grammaire des sorties de celui-ci ? Il existe des outils en réécriturè a même de répondrè a cette question, pour certaines fonctions. On peut utiliser ce genre de cal-cul pour détecter des bugs ou, ` a l'inverse, pour prouver des propriétés sur ces fonctions. Dans cet article, nous présentons un travail en cours visant a concevoir un outil de vérification for-melle lég ere pour OCaml. Si l'essentiel des résultats théoriques et outils de réécriture existent déj a, leur application a la vérification de programmes OCaml réalistes nécessite de résoudre un certains nombre deprobì emes. Nous donnerons l'architecture d'un interpr ete abstrait pour OCaml, basés sur ces principes et outils, et nous verrons quelles sont les briques manquantes pour finaliser son développement. 1 Une vérification aussi automatique que l' inférence de type Certains langages de programmation fortement typés (comme Haskell, OCaml, Scala et F#) disposent d'un mécanisme d' inférence de type. Ce mécanisme permet, entre autres, de détecter automatiquement certains types d'erreurs dans les programmes. Pour vérifier plus que le bon typage d'un programme, il est possible de définir des propriétés et, ensuite, de les prouver a l'aide d'un assistant de preuve ou d'un prouveur automatique. Cependant, la formulation de ces propriétés en logique et la construction de la preuverequì erent généralement une certaine expertise. On s' intéresse icì a une famille restreinte de propriétés : des propriétés "régulì eres " portant sur les structures manipulées par ces programmes. On décrit , par une grammaire (d'arbres,régulì ere), l'ensemble de structures données en entréè a une fonction et on cherchè a construire la grammaire des structures pouvant etre obtenues en sortie (ou une approximation). La grammaire de sortie pourra révéler un bug potentiel dans le programme ou, ` a l'inverse, montrer que celui-ci vérifie une propriétérégulì ere. La famille de propriétés démontrables de cette façon est restreinte, même si elle dépasse ce que l'on peut exprimer par typage simple. On peut par exemple distinguer la liste vide de la liste non vide. Une telle distinction est egalement faisable avec des GADTs (Generalized Algebraic DataTypes) mais, ` a notre connaissance, pas le type de raisonnement sur des structures récursives que l'on propose ici. Il existe d'autres approches o` u le syst eme de type est enrichi par des formules logiques et de l' arithmétique [17, 3]. Cependant ces techniques nécessitent généralement d'annoter le programme pour que la vérification de type réussisse. Les propriétés que nous considérons ici sont volontairement plus simples pour eviter au maximum le travail d'annotation. Pour ces propriétés , l'objectif est de proposer une forme de vérification formelle " lég ere ". La vérification est formelle car elle démontre que les résultats d'une fonction ont une certaine forme. La vérification est lég ere car, d'une part, la preuve est automatique, et d'autre part, il n'est pas nécessaire de définir la propriété attendue par une formule logique mais simplement d'observer le résultat d'un calcul abstrait.

Published
2015

43. Proceedings First International Workshop on Graphical Models for Security, GraMSec 2014, Grenoble, France, 12th April, 2014

Author

Kordy, B., Kordy, Barbara, Mauw, S., Mauw, Sjouke, and Pieters, Wolter

Subjects
EWI-25009, EC Grant Agreement nr.: FP7/318003, SCS-Cybersecurity, IR-101940, EC Grant Agreement nr.: FP7/2007-2013, METIS-306005
Abstract

The present volume contains the proceedings of the First International Workshop on Graphical Models for Security (GraMSec'14). The workshop was held in Grenoble, France, on April 12, 2014, as one of the satellite events of the European Joint Conferences on Theory and Practice of Software 2014 (ETAPS'14). Graphical security models provide an intuitive but systematic methodology to analyze security weaknesses of systems and to evaluate potential protection measures. Such models have been subject of academic research and they have also been widely accepted by the industrial sector, as a means to support and facilitate threat analysis and risk management processes. The objective of GraMSec is to contribute to the development of well-founded graphical security models, efficient algorithms for their analysis, as well as methodologies for their practical usage. The workshop brings together academic researchers and industry practitioners designing and employing visual models for security in order to provide a platform for discussion, knowledge exchange and collaborations.

Published
2014

44. A Rewrite Approach for Pattern Containment ��� Application to Query Evaluation on Compressed Documents

Author

Fila-Kordy, Barbara

Subjects
Pattern Containment, Compressed Documents, TheoryofComputation_MATHEMATICALLOGICANDFORMALLANGUAGES, ComputingMethodologies_DOCUMENTANDTEXTPROCESSING
Abstract

In this paper we introduce an approach that allows to handle the containment problem for the fragment XP(/,//,[ ],*) of XPath. Using rewriting techniques we define a necessary and sufficient condition for pattern containment. This rewrite view is then adapted to query evaluation on XML documents, and remains valid even if the documents are given in a compressed form, as dags.

Published
2008
Full Text
View/download PDF

48. Attack–defense trees1.

Author

Kordy, Barbara, Mauw, Sjouke, Radomirović, Saša, and Schweitzer, Patrick

Subjects
COMPUTER network security, QUALITY (Philosophy), DATA protection, COMPUTER crimes, BOOLEAN algebra, BOOLEAN functions
Abstract

Attack–defense trees are a novel methodology for graphical security modelling and assessment. They extend the well- known formalism of attack trees by allowing nodes that represent defensive measures to appear at any level of the tree. This enlarges the modelling capabilities of attack trees and makes the new formalism suitable for representing interactions between an attacker and a defender. Our formalization supports different semantical approaches for which we provide usage scenarios. We also formalize how to quantitatively analyse attack and defense scenarios using attributes. [ABSTRACT FROM AUTHOR]

Published
2014
Full Text
View/download PDF

49. SysML-Sec Attack Graphs: Compact Representations for Complex Attacks

Author

Apvrille, Ludovic, Roudier, Yves, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Mauw, Sjouke, editor, Kordy, Barbara, editor, and Jajodia, Sushil, editor

Published
2016
Full Text
View/download PDF

50. ATSyRa: An Integrated Environment for Synthesizing Attack Trees : (Tool Paper)

Author

Pinchinat, Sophie, Acher, Mathieu, Vojtisek, Didier, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Mauw, Sjouke, editor, Kordy, Barbara, editor, and Jajodia, Sushil, editor

Published
2016
Full Text
View/download PDF

Catalog

Books, media, physical & digital resources
See catalog results