Rick Hindriks - Vulnerability Analysis of Cyber Security Modelling Language models using Probabilistic Logic

author:Rick Hindriks
title:Vulnerability Analysis of Cyber Security Modelling Language models using Probabilistic Logic
keywords:
topics:Dependability, security and performance, Software Technology
committee:prof.dr.ir. A. Rensink (1st supervisor)
dr. M.I.A. Stoelinga
Frank Franssen (TNO)
graduation date:9 December 2016


Abstract

Computer systems are an essential asset of large companies such as banks, financial institutions, utility companies and telecommunication providers. Given their important roles for the functioning of society, these companies are under a constant threat of cyberattacks. Enterprises rely on the availability of these complex ICT systems for their day-to-day operations, and disruptions in the availability of these systems can have disastrous consequences. Given the growing complexity of the attacks and the growing size of network infrastructures, security experts require the use of automated tools to determine the security of their systems. To this end, we propose an automated method for the analysis of vulnerabilities within network architectures, based on the Cyber Security Modelling Language[35] (CySeMoL). We aim to improve the time required for inferring the likelihood of a successful cyberattack in a given network infrastructure, based on the threat model defined by CySeMoL. We define an alternative implementation of the vulnerability analysis using Probabilistic Logic[17] (ProbLog). By using a model-based approach to the analysis of CySeMoL, we provide an extensible method for the development of such an alternative analysis. We have succeeded in achieving this by using intermediate models which capture the threat model of CySeMoL and the definition of concrete network infrastructures. However, our measurements show that the proposed analysis method using ProbLog does not perform better than CySeMoL for larger models.