Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Probabilistic Modeling and Simulation of Vehicular Cyber Attacks: An Application of the Meta Attack Language
KTH, School of Electrical Engineering and Computer Science (EECS), Network and Systems Engineering.ORCID iD: 0000-0001-8287-3160
KTH, School of Electrical Engineering and Computer Science (EECS), Network and Systems Engineering.
KTH, School of Electrical Engineering and Computer Science (EECS), Network and Systems Engineering.ORCID iD: 0000-0003-3089-3885
2019 (English)In: ICISSP 2019 - Proceedings of the 5th International Conference on Information Systems Security and Privacy, SciTePress, 2019, p. 175-182Conference paper, Published paper (Refereed)
Description
Abstract [en]

Attack simulations are a feasible means to assess the cyber security of systems. The simulations trace the steps taken by an attacker to compromise sensitive system assets. Moreover, they allow to estimate the time conducted by the intruder from the initial step to the compromise of assets of interest. One commonly accepted approach for such simulations are attack graphs, which model the attack steps and their dependencies in a formal way. To reduce the effort of creating new attack graphs for each system of a given type, domain-specific attack languages may be employed. They codify common attack logics of the considered domain. Consequently, they ease the reuse of models and, thus, facilitate the modeling of a specific system in the domain. Previously, MAL (the Meta Attack Language) was proposed, which serves as a framework to develop domain specific attack languages. In this article, we present vehicleLang, a Domain Specific Language (DSL) which can be used to model vehicles with respect to their IT infrastructure and to analyze their weaknesses related to known attacks. To model domain specifics in our language, we rely on existing literature and verify the language using an interview with a domain expert from the automotive industry. To evaluate our results, we perform a Systematic Literature Review (SLR) to identify possible attacks against vehicles. Those attacks serve as a blueprint for test cases checked against the vehicleLang specification.

Place, publisher, year, edition, pages
SciTePress, 2019. p. 175-182
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:kth:diva-241253Scopus ID: 2-s2.0-85063256810ISBN: 9789897583599 (print)OAI: oai:DiVA.org:kth-241253DiVA, id: diva2:1279445
Conference
5th International Conference on Information Systems Security and Privacy, ICISSP 2019; Prague; Czech Republic; 23 February 2019 through 25 February 2019
Funder
VinnovaStandUp
Note

QC 20190524

Available from: 2019-01-16 Created: 2019-01-16 Last updated: 2019-08-05Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

ScopusConference

Search in DiVA

By author/editor
Katsikeas, SotiriosJohnson, PontusHacks, SimonLagerström, Robert
By organisation
Network and Systems Engineering
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar

isbn
urn-nbn

Altmetric score

isbn
urn-nbn
Total: 304 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf