Probabilistic Modeling and Simulation of Vehicular Cyber Attacks: An Application of the Meta Attack Language

Sotirios Katsikeas, Pontus Johnson, Simon Hacks, Robert Lagerström

Abstract

Attack simulations are a feasible means to assess the cyber security of systems. The simulations trace the steps taken by an attacker to compromise sensitive system assets. Moreover, they allow to estimate the time conducted by the intruder from the initial step to the compromise of assets of interest. One commonly accepted approach for such simulations are attack graphs, which model the attack steps and their dependencies in a formal way. To reduce the effort of creating new attack graphs for each system of a given type, domain-specific attack languages may be employed. They codify common attack logics of the considered domain. Consequently, they ease the reuse of models and, thus, facilitate the modeling of a specific system in the domain. Previously, MAL (the Meta Attack Language) was proposed, which serves as a framework to develop domain specific attack languages. In this article, we present vehicleLang, a Domain Specific Language (DSL) which can be used to model vehicles with respect to their IT infrastructure and to analyze their weaknesses related to known attacks. To model domain specifics in our language, we rely on existing literature and verify the language using an interview with a domain expert from the automotive industry. To evaluate our results, we perform a Systematic Literature Review (SLR) to identify possible attacks against vehicles. Those attacks serve as a blueprint for test cases checked against the vehicleLang specification.

Download


Paper Citation


in Harvard Style

Katsikeas S., Johnson P., Hacks S. and Lagerström R. (2019). Probabilistic Modeling and Simulation of Vehicular Cyber Attacks: An Application of the Meta Attack Language.In Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-359-9, pages 175-182. DOI: 10.5220/0007247901750182


in Bibtex Style

@conference{icissp19,
author={Sotirios Katsikeas and Pontus Johnson and Simon Hacks and Robert Lagerström},
title={Probabilistic Modeling and Simulation of Vehicular Cyber Attacks: An Application of the Meta Attack Language},
booktitle={Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2019},
pages={175-182},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0007247901750182},
isbn={978-989-758-359-9},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Probabilistic Modeling and Simulation of Vehicular Cyber Attacks: An Application of the Meta Attack Language
SN - 978-989-758-359-9
AU - Katsikeas S.
AU - Johnson P.
AU - Hacks S.
AU - Lagerström R.
PY - 2019
SP - 175
EP - 182
DO - 10.5220/0007247901750182