Modeling and execution of complex attack scenarios using interval timed colored Petri nets

The commonly used flaw hypothesis model (FHM) for performing penetration tests provides only limited, high level guidance for the derivation of actual penetration attempts. In this paper, a mechanism for the systematic modeling, simulation, and exploitation of complex multistage and multiagent vulnerabilities in networked and distributed systems based on stochastic and interval-timed colored Petri nets is described and analyzed through case studies elucidating several properties of Petri net variants and their suitability to modeling this type of attack

[1]  Bruce Schneier,et al.  Toward a secure system engineering methodolgy , 1998, NSPW '98.

[2]  Alexandre Zenie,et al.  Colored Stochastic Petri Nets , 1985, PNPM.

[3]  James P. McDermott,et al.  Attack net penetration testing , 2001, NSPW '00.

[4]  Gerald Popek,et al.  Pattern-Directed Protection Valuation , 1975 .

[5]  Wil M. P. van der Aalst,et al.  Analysis of railway stations by means of interval timed coloured Petri nets , 1995, Real-Time Systems.

[6]  C. Petri Kommunikation mit Automaten , 1962 .

[7]  Jeffrey J. P. Tsai,et al.  Compositional verification of concurrent systems using Petri-net-based condensation rules , 1998, TOPL.

[8]  Dennis Hollingworth,et al.  Security Test and Evaluation Tools: An Approach to Operating System Security Analysis, , 1974 .

[9]  Peter Radford,et al.  Petri Net Theory and the Modeling of Systems , 1982 .

[10]  Shyhtsun Felix Wu,et al.  Real-time protocol analysis for detecting link-state routing protocol attacks , 2001, TSEC.

[11]  Marco Ajmone Marsan,et al.  Modelling with Generalized Stochastic Petri Nets , 1995, PERV.

[12]  J. Watson The Texas Instruments advanced scientific computer , 1899 .

[13]  Xia Wang,et al.  Software fault tree and coloured Petri net-based specification, design and implementation of agent-based intrusion detection systems , 2007, Int. J. Inf. Comput. Secur..

[14]  C. H. Lie,et al.  Fault Tree Analysis, Methods, and Applications ߝ A Review , 1985, IEEE Transactions on Reliability.

[15]  Matt Bishop,et al.  Checking for Race Conditions in File Accesses , 1996, Comput. Syst..

[16]  S. Jajodia,et al.  Information Security: An Integrated Collection of Essays , 1994 .

[17]  Richard R. Linde,et al.  Operating system penetration , 1975, AFIPS '75.

[18]  Murugiah P. Souppaya,et al.  Guideline on Network Security Testing , 2003 .

[19]  Markus Schumacher,et al.  Collaborative attack modeling , 2002, SAC '02.

[20]  R. P. Abbott,et al.  Security Analysis and Enhancements of Computer Operating Systems , 1976 .

[21]  Eugene H. Spafford,et al.  A pattern-matching model for intrusion detection , 1994 .

[22]  P. A. Karger,et al.  Multics security evaluation: vulnerability analysis , 2002, 18th Annual Computer Security Applications Conference, 2002. Proceedings..

[23]  Virgil D. Gligor,et al.  Towards a theory of penetration-resistant systems and its applications , 1991, Proceedings Computer Security Foundations Workshop IV.

[24]  Wolfgang Reisig Petri Nets: An Introduction , 1985, EATCS Monographs on Theoretical Computer Science.

[25]  Daniel Geer,et al.  Penetration testing: a duet , 2002, 18th Annual Computer Security Applications Conference, 2002. Proceedings..

[26]  Herbert H. Thompson Application Penetration Testing , 2005, IEEE Secur. Priv..

[27]  Matt Bishop,et al.  About Penetration Testing , 2007, IEEE Security & Privacy.

[28]  Wil M. P. van der Aalst Interval Timed Coloured Petri Nets and their Analysis , 1993, Application and Theory of Petri Nets.

[29]  Robert H. Sloan,et al.  Stubborn Sets for Real-Time Petri Nets , 1997, Formal Methods Syst. Des..