Implementing the ADVISE security modeling formalism in Möbius

The ADversary VIew Security Evaluation (ADVISE) model formalism provides a system security model from the perspective of an adversary. An ADVISE atomic model consists of an attack execution graph (AEG) composed of attack steps, system state variables, and attack goals, as well as an adversary profile that defines the abilities and interests of a particular adversary. The ADVISE formalism has been implemented as a Möbius atomic model formalism in order to leverage the existing set of mature modeling formalisms and solution techniques offered by Möbius. This tool paper explains the ADVISE implementation in Möbius and provides technical details for Möbius users who want to use ADVISE either alone or in combination with other modeling formalisms provided by Möbius.

[1]  Richard Lippmann,et al.  Visualizing attack graphs, reachability, and trust relationships with NAVIGATOR , 2010, VizSec '10.

[2]  Sushil Jajodia Topological analysis of network attack vulnerability , 2007, ASIACCS '07.

[3]  Robert Harris,et al.  The Definitive Guide to SWT and JFace , 2004, Apress.

[4]  Jeff McAffer,et al.  Eclipse Rich Client Platform , 2010 .

[5]  William H. Sanders,et al.  Möbius: An Extensible Tool for Performance and Dependability Modeling , 2000, Computer Performance Evaluation / TOOLS.

[6]  Jay M. Doyle,et al.  Abstract Model Specification Using the Möbius Modeling Tool , 2000 .

[7]  Steve Northover,et al.  SWT : the standard widget toolkit , 2004 .

[8]  William H. Sanders,et al.  Model-based Security Metrics Using ADversary VIew Security Evaluation (ADVISE) , 2011, 2011 Eighth International Conference on Quantitative Evaluation of SysTems.

[9]  William H. Sanders,et al.  The Möbius state-level abstract functional interface , 2002, Perform. Evaluation.

[10]  Richard Lippmann,et al.  GARNET: A Graphical Attack Graph and Reachability Network Evaluation Tool , 2008, VizSEC.

[11]  William H. Sanders,et al.  State-Based Analysis in ADVISE , 2012, 2012 Ninth International Conference on Quantitative Evaluation of Systems.

[12]  William H. Sanders,et al.  Stochastic Activity Networks: Formal Definitions and Concepts , 2002, European Educational Forum: School on Formal Methods and Performance Analysis.

[13]  Richard Lippmann,et al.  Practical Attack Graph Generation for Network Defense , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).

[14]  Sushil Jajodia,et al.  Topological analysis of network attack vulnerability , 2006, PST.

[15]  Kenneth Prole,et al.  A Graph-Theoretic Visualization Approach to Network Risk Analysis , 2008, VizSEC.

[16]  Gregory S. Parnell,et al.  Mission Oriented Risk and Design Analysis of Critical Information Systems , 2005 .

[17]  Aaron James Stillman,et al.  Model Composition Within the Möbius Modeling Framework , 1999 .

[18]  S. R. Watson,et al.  Decision Synthesis: The Principles and Practice of Decision Analysis@@@Strategic and Tactical Decisions , 1989 .

[19]  William H. Sanders,et al.  Adversary-driven state-based system security evaluation , 2010, MetriSec '10.

[20]  William H. Sanders,et al.  The Möbius Framework and Its Implementation , 2002, IEEE Trans. Software Eng..