kth.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
A Metalanguage for Dynamic Attack Graphs and Lazy Generation
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.ORCID iD: 0000-0002-6762-3662
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.ORCID iD: 0000-0003-3922-9606
2024 (English)In: ARES 2024 - 19th International Conference on Availability, Reliability and Security, Proceedings, Association for Computing Machinery , 2024, article id 31Conference paper, Published paper (Refereed)
Abstract [en]

Two types of dynamics are important when modeling cyberattacks: how adversaries chain together techniques across systems and how they change the target systems. Attack graphs are prominent within research communities for automatically mapping and chaining together actions. Modeling adversary-driven system changes is comparatively unexplored, however. One reason could be that modeling adversarial change dynamics poses a blend of problems where the typical attack graph approaches could produce state-space explosions and infinite graphs. Therefore, this work presents the core modeling aspects of the Dynamic Meta Attack Language (DynaMAL), a project to lazily generate attack graphs by combining attack graph construction and simulation methods. DynaMAL lets users declare domain-specific modeling and attack graph generation languages. Then, the attack graphs are generated one step at a time based on the actions of an adversary agent. By only generating what is explicitly requested, DynaMAL can demonstrably change the system model as the attack graph grows while sidestepping typical state-space explosions and graph re-calculation problems. Shifting to a lazy generation process poses new challenges, however. Nevertheless, there is likely a point where lazy approaches will prevail when analyzing large and complex systems.

Place, publisher, year, edition, pages
Association for Computing Machinery , 2024. article id 31
Keywords [en]
attack graph, attack simulation, dynamic attack graph, graph construction, lazy generation, metalanguage
National Category
Control Engineering Computer Sciences
Identifiers
URN: urn:nbn:se:kth:diva-351959DOI: 10.1145/3664476.3664508Scopus ID: 2-s2.0-85200386230OAI: oai:DiVA.org:kth-351959DiVA, id: diva2:1890175
Conference
19th International Conference on Availability, Reliability and Security, ARES 2024, Vienna, Austria, Jul 30 2024 - Aug 2 2024
Note

Part of ISBN [9798400717185]

QC 20240830

Available from: 2024-08-19 Created: 2024-08-19 Last updated: 2024-08-30Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Engström, ViktorNebbione, GiuseppeEkstedt, Mathias

Search in DiVA

By author/editor
Engström, ViktorNebbione, GiuseppeEkstedt, Mathias
By organisation
Network and Systems Engineering
Control EngineeringComputer Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 89 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf