Change search
ReferencesLink to record
Permanent link

Direct link
Empirical Testing of the CySeMoL Tool for Cyber Security Assessment – Case Study of Linux Server and MySQL
KTH, School of Electrical Engineering (EES).
2016 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

In this Master Thesis, several common applications used with MySQL and Linux server are modelled using the Enterprise Architecture Analysis Tool (EAAT) and the Cyber Security Modelling Language (CySeMoL), both developed by the Department of Industrial Information and Control System (ICS) at KTH. The objective of this study is to use the CySeMoL tool to evaluate the feasibility and correctness of the tool by simulating some particular type of attacks on a real life Linux server. A few common applications with MySQL on a Linux server and two Linux operating system services are modelled and explained together with their detailed information and defense mechanisms. A real life penetration test has then been carried out in order to validate the simulated results from the tool. The results of the analysis suggest that the security vulnerability predictions done by CySeMoL on a Linux server has good predictive performance.

Abstract [sv]

I denna Masteruppsats modelleras ett antal vanliga applikationer på en MySQL- och Linuxplattform med hjälp av Enterprise Architecture Analysis Tool (EAAT) tillsammans med Cybersecurity Modeling Language (CySeMoL). Båda dessa är utvecklade vid avdelningen för industriella informations- och styrsystem (ICS) på KTH. Syftet med denna studie är att validera korrektheten av CySeMoL-verktygets sårbarhetsprediktioner genom att simulera ett antal specifika cyberattacker mot en Linuxplattform. Ett antal vanligt förekommande applikationer på en MySQL-plattform samt två operativsystemstjänster i en Linuxserver modelleras. Penetrationstest utförs därefter för att validera resultaten som simuleras i CySeMoL-verktyget. Studien visar att CySeMols förutsägelser stämmer väl med resultaten av penetrationstesterna.

Place, publisher, year, edition, pages
2016. , 74 p.
EES Examensarbete / Master Thesis, TRITA-EE 2016:003
Keyword [en]
Cyber Security, CySeMoL, EAAT, Operating System, Server, Application Modeling.
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
URN: urn:nbn:se:kth:diva-187664OAI: diva2:930970
Available from: 2016-05-26 Created: 2016-05-26 Last updated: 2016-05-26Bibliographically approved

Open Access in DiVA

fulltext(2437 kB)54 downloads
File information
File name FULLTEXT01.pdfFile size 2437 kBChecksum SHA-512
Type fulltextMimetype application/pdf

By organisation
School of Electrical Engineering (EES)
Electrical Engineering, Electronic Engineering, Information Engineering

Search outside of DiVA

GoogleGoogle Scholar
Total: 54 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 492 hits
ReferencesLink to record
Permanent link

Direct link