Probabilistic Modeling and Simulation of Vehicular Cyber Attacks: An Application of the Meta Attack Language

Attack simulations are a feasible means to assess the cyber security of systems. The simulations trace the steps taken by an attacker to compromise sensitive system assets. Moreover, they allow to ...

[1]  Mathias Ekstedt,et al.  Information Management & Computer Security Estimates of success rates of remote arbitrary code execution attacks , 2017 .

[2]  Craig A. Smith,et al.  The Car Hacker's Handbook: A Guide for the Penetration Tester , 2016 .

[3]  Jan Jürjens,et al.  Secure systems development with UML , 2004 .

[4]  Christof Paar,et al.  Security in Automotive Bus Systems , 2004 .

[5]  Tomas Olovsson,et al.  Security aspects of the in-vehicle network in the connected car , 2011, 2011 IEEE Intelligent Vehicles Symposium (IV).

[6]  Samir Chatterjee,et al.  A Design Science Research Methodology for Information Systems Research , 2008 .

[7]  Chua-Chin Wang,et al.  Bus Guardian Design for automobile networking ecu nodes compliant with FlexRay standards , 2008, 2008 IEEE International Symposium on Consumer Electronics.

[8]  Robert J. Ellison,et al.  Attack Trees , 2009, Encyclopedia of Biometrics.

[9]  Hirofumi Yamashita,et al.  Automotive Attacks and Countermeasures on LIN-Bus , 2017, J. Inf. Process..

[10]  Barbara Kordy,et al.  Foundations of Attack-Defense Trees , 2010, Formal Aspects in Security and Trust.

[11]  Paolo Giorgini,et al.  Modelling and reasoning about security requirements in socio-technical systems , 2015, Data Knowl. Eng..

[12]  Richard T. Watson,et al.  Analyzing the Past to Prepare for the Future: Writing a Literature Review , 2002, MIS Q..

[13]  Richard Lippmann,et al.  Modeling Modern Network Attacks and Countermeasures Using Attack Graphs , 2009, 2009 Annual Computer Security Applications Conference.

[14]  Capers Jones,et al.  Embedded Software: Facts, Figures, and Future , 2009, Computer.

[15]  Ruth Breu,et al.  Model-Driven Security Engineering for Trust Management in SECTET , 2007, J. Softw..

[16]  D. Pinto Secrets and Lies: Digital Security in a Networked World , 2003 .

[17]  Martin Lukasiewycz,et al.  Security analysis of automotive architectures using probabilistic model checking , 2015, 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[18]  Kang G. Shin,et al.  Error Handling of In-vehicle Networks Makes Them Vulnerable , 2016, CCS.

[19]  R. Newman Computer Security: Protecting Digital Resources , 2009 .

[20]  Matti Valovirta,et al.  Experimental Security Analysis of a Modern Automobile , 2011 .

[21]  Marko Wolf Security engineering for vehicular IT systems : improving the trustworthiness and dependability of automotive IT applications , 2009 .

[22]  Mathias Ekstedt,et al.  Success Rate of Remote Code Execution Attacks - Expert Assessments and Observations , 2012, J. Univers. Comput. Sci..

[23]  Khurram Shahzad,et al.  Securi CAD by Foreseeti: A CAD Tool for Enterprise Cyber Security Management , 2015, 2015 IEEE 19th International Enterprise Distributed Object Computing Workshop.

[24]  Sushil Jajodia,et al.  Advances in Topological Vulnerability Analysis , 2009, 2009 Cybersecurity Applications & Technology Conference for Homeland Security.

[25]  Khurram Shahzad,et al.  P2CySeMoL: Predictive, Probabilistic Cyber Security Modeling Language , 2015, IEEE Trans. Dependable Secur. Comput..

[26]  Alan R. Hevner,et al.  Design Science in Information Systems Research , 2004, MIS Q..

[27]  Mathias Ekstedt,et al.  A Meta Language for Threat Modeling and Attack Simulations , 2018, ARES.

[28]  Richard Lippmann,et al.  GARNET: A Graphical Attack Graph and Reachability Network Evaluation Tool , 2008, VizSEC.

[29]  David A. Basin,et al.  A decade of model-driven security , 2011, SACMAT '11.

[30]  Barbara Kordy,et al.  DAG-based attack and defense modeling: Don't miss the forest for the attack trees , 2013, Comput. Sci. Rev..

[31]  Sjouke Mauw,et al.  Foundations of Attack Trees , 2005, ICISC.