A polytope-based approach to measure the impact of events against critical infrastructures

Abstract: This paper provides a method to calculate the impact of cyber attacks and security countermeasures in a multi-dimensional coordinate system. The method simulates services, attacks and countermeasures in at least one dimensional coordinate system, the projection of which produces geometrical instances (e.g., lines, squares, rectangles, hyper-cubes). These instances are measured through geometrical operations (i.e., length, area, volume, hyper-volume), which lets us determine the impact of complex attacks arriving on the system, as well as the impact of implementing single and/or multiple countermeasures selected to mitigate the effects of the detected attacks. As a result, we are able to measure the size of cyber events, which allows us to determine the mitigation level of the incidents, as well as residual risks and potential collateral damages. A case study of a critical infrastructure system is provided to show the applicability of the model.
