Towards enhanced threat modelling and analysis using a Markov Decision Process

Malik，Saif U.R.1; Anjum，Adeel2,3; Moqurrab，Syed Atif4,5; Srivastava，Gautam6,7

2022-10-01

10.1016/j.comcom.2022.07.038

COMPUTER COMMUNICATIONS   Impact Factor & Quartile

0140-3664

1873-703X

The complexity of socio-technical systems using Ambient Intelligence (AmI) and the Internet of Things (IoT) is growing exponentially, involving numerous entities, such as humans, infrastructures, and cyber systems. Achieving and maintaining a specified level of security and privacy in such systems is challenging and crucial. Attack Tree is a powerful technique used in safety and reliability engineering. In this paper, we attempted to enhance Attack Tree analysis by transforming it into a Markov Decision Process (MDP) model. We propose an algorithm to transform an Attack Tree into an MDP model. We argue that formal methods, such as probabilistic model checking can significantly improve the security analysis capabilities. Moreover, the mixture of MDP and probabilistic model checking can overcome the limitations of Attack Trees, such as state explosion, scalability, and manual interaction. We used a probabilistic model checker, namely PRISM to model an attack scenario and perform security analysis on it. To demonstrate the significance, we took a real-world use case and performed a probabilistic analysis on it. The results revealed that formal analysis can prove certain properties, which were not possible to verify using attack trees.

Attack Trees Formal methods Markov Decision Process Probabilistic model checking Security analysis

EI ; SCI

English

Others

Computer Science ; Engineering ; Telecommunications

Computer Science, Information Systems ; Engineering, Electrical & Electronic ; Telecommunications

WOS:000877591800001

ELSEVIER

20223512649765

Cybersecurity ; Forestry ; Formal methods ; Internet of things ; Model checking ; Security systems ; Trees (mathematics)

Computer Theory, Includes Formal Logic, Automata Theory, Switching Theory, Programming Theory:721.1 ; Data Communication, Equipment and Techniques:722.3 ; Computer Software, Data Handling and Applications:723 ; Computer Programming:723.1 ; Data Processing and Image Processing:723.2 ; Computer Applications:723.5 ; Agricultural Equipment and Methods; Vegetation and Pest Control:821 ; Accidents and Accident Prevention:914.1 ; Combinatorial Mathematics, Includes Graph Theory, Set Theory:921.4 ; Probability Theory:922.1

COMPUTER SCIENCE

2-s2.0-85136714963

Scopus

1.Information Technology Institute,Cybernetica AS Tallinn,Estonia
2.Institute of Information Technology,Quaid-i-Azam University Islamabad,Pakistan
3.Southern University of Science and Technology (SUSTECH),Shenzhen,China
4.Department of Computer Science,FCAI,Air University,Islamabad,Pakistan
5.Department of Computer Sciences,COMSATS University,Islamabad,Pakistan
6.Department of Mathematics and Computer Science,Brandon University,Brandon,R7A 6A9,Canada
7.Research Center for Interneural Computing,China Medical University,Taichung,40402,Taiwan

Malik，Saif U.R.,Anjum，Adeel,Moqurrab，Syed Atif,et al. Towards enhanced threat modelling and analysis using a Markov Decision Process[J]. COMPUTER COMMUNICATIONS,2022,194:282-291.

Malik，Saif U.R.,Anjum，Adeel,Moqurrab，Syed Atif,&Srivastava，Gautam.(2022).Towards enhanced threat modelling and analysis using a Markov Decision Process.COMPUTER COMMUNICATIONS,194,282-291.

Malik，Saif U.R.,et al."Towards enhanced threat modelling and analysis using a Markov Decision Process".COMPUTER COMMUNICATIONS 194(2022):282-291.