Building a software tool for LOCKS

title:Building a software tool for LOCKS
keywords:Domain specific language, Compiler design, Security properties
topics:Dependability, security and performance, Logics and semantics, Software Technology
contact:R. Kumar MSc & prof.dr.ir. A. Rensink
to be started:As soon as possible

Master in Information security, Master project

Description

In our ongoing work, we are building a domain specific language (DSL) LOCKS, that allow security practitioners to formulate their security goals over a structural attack model SAM. SAM are generic structures encompassing common graphical threat models such as attack trees and attack graphs. Technically, SAM is a set of successful attacks where each attack is a

 partially ordered sets of steps leading to the compromise of an asset, stating for instance that, to infect a computer, we must first get a virus file on a system, and then execute the file. We have endowed LOCKS with a concise syntax, static semantics and denotational semantics. The security goals in LOCKS are the queries computed over the instance of SAM.

The objective of this master thesis is to build a software tool that supports LOCKS. We foresee it consisting of the following steps:

1.       Take an instance of the threat model, for example,  attack tree/ attack graph as input and translate it to  an instance of SAM;

2.       Develop a compiler that can parse the LOCKS grammar;

3.       Design templates of  the security goals that can be instantiated by the user;

4.       Build a framework to query the security goal over the instance of the SAM;

5.       Show the result in a way that can be comprehended by the security practitioner.

  

 

References

  1. 1. Kordy B., Mauw S., Schweitzer P. (2013) Quantitative Questions on Attack–Defense Trees. In: Kwon T., Lee MK., Kwon D. (eds) Information Security and Cryptology – ICISC 2012. ICISC 2012. Lecture Notes in Computer Science, vol 7839. Springer, Berlin, Heidelberg