A Mathematical Modeling of Exploitations and Mitigation Techniques Using Set Theory

Branco, Rodrigo; Hu, Kekai; Kawakami, Henrique; Sun, Kaiqi

doi:10.1109/spw.2018.00050

Cited by 2 publications

(2 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Prior works formalized security problems using game theory (e.g., FLIPIT [41], [24]), "weird machines" [10], attack trees [43], Markov models [40], and other methods. Prior notions of attacker quality include O-complexity [9], expected information loss [38], or success probability [30], which is similar to our concept of ∀ versus ∃-attackers. Attacker synthesis work exists in cyber-physical systems [33,5,20,26,30].…”

Section: Related Workmentioning

confidence: 99%

Automated Attacker Synthesis for Distributed Protocols

Hippel

Vick

Tripakis

et al. 2020

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Distributed protocols should be robust to both benign malfunction (e.g. packet loss or delay) and attacks (e.g. message replay) from internal or external adversaries. In this paper we take a formal approach to the automated synthesis of attackers, i.e. adversarial processes that can cause the protocol to malfunction. Specifically, given a formal threat model capturing the distributed protocol model and network topology, as well as the placement, goals, and interface (inputs and outputs) of potential attackers, we automatically synthesize an attacker. We formalize four attacker synthesis problems -across attackers that always succeed versus those that sometimes fail, and attackers that attack forever versus those that do not -and we propose algorithmic solutions to two of them. We report on a prototype implementation called KORG and its application to TCP as a case-study. Our experiments show that KORG can automatically generate well-known attacks for TCP within seconds or minutes.

show abstract

Section: Related Workmentioning

confidence: 99%

Automated Attacker Synthesis for Distributed Protocols

Hippel

Vick

Tripakis

et al. 2020

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…Finally, [25] gives an abstract set-theoretic model to evaluate the security level brought by a mitigation scheme with respect to a given set of exploits. However, this model relies on a very high-level quantification on "how much" a mitigation hardens the probability that an exploit occurs (in terms of big O notation).…”

Section: Related Workmentioning

confidence: 99%

Countermeasures Optimization in Multiple Fault-Injection Context

Boespflug

Ene

Mounier

et al. 2020

2020 Workshop on Fault Detection and Tolerance in Cryptography (FDTC)

View full text Add to dashboard Cite

Fault attacks consist in changing the program behavior by injecting faults at run-time, either at hardware or at software level. Their goal is to change the correct progress of the algorithm and hence, either to allow gaining some privilege access or to allow retrieving some secret information based on an analysis of the deviation of the corrupted behavior with respect to the original one. Countermeasures have been proposed to protect embedded systems by adding spatial, temporal or information redundancy at hardware or software level. First we define Countermeasures Check Point (CCP) and CCPs-based countermeasures as an important subclass of countermeasures. Then we propose a methodology to generate an optimal protection scheme for CCPs-based countermeasure. Finally we evaluate our work on a benchmark of code examples with respect to several Control Flow Integrity (CFI) oriented existing protection schemes.

show abstract

A Mathematical Modeling of Exploitations and Mitigation Techniques Using Set Theory

Cited by 2 publications

References 4 publications

Automated Attacker Synthesis for Distributed Protocols

Automated Attacker Synthesis for Distributed Protocols

Countermeasures Optimization in Multiple Fault-Injection Context

Contact Info

Product

Resources

About