Accéder directement au contenu Accéder directement à la navigation
Communication dans un congrès

A Role Modeling Based Approach for Cyber Threat Analysis

Bastien Drouot 1 Fahad R. Golra Joël Champeau 1
1 Lab-STICC_ENSTAB_ CACS_MOCS
Lab-STICC - Laboratoire des sciences et techniques de l'information, de la communication et de la connaissance
Abstract : Using DSMLs, the domain experts can express their models in a language that is relevant to the problem area. However, it also adds the complexity of interoperability between these languages, specially for application areas that encompass multiple domains. One such application area, Cyber Threat Analysis (CTA), is at the intersection of various domains that can evolve independently: system modeling, attacker modeling and threat description. In this paper, we present an approach to address CTA interoperability issues based on role modeling. The proposed language provides a mechanism to define shared semantics between DSMLs relative to the CTA. The concept of a role is central to our approach, presented as Role4All framework. These roles allow us to federate different DSMLs to generate an attacker’s viewpoint. Our approach is illustrated using a case study on the development of an attacker’s viewpoint based on the federation of multiple domain models. Interoperability between the domain models is crucial to apply dedicated algorithms and interpretations on the attacker’s viewpoint. We used this attacker viewpoint to simulate attacks on a system for security analysis.
Type de document :
Communication dans un congrès
Liste complète des métadonnées

https://hal.archives-ouvertes.fr/hal-02461502
Contributeur : Marie Briec <>
Soumis le : jeudi 30 janvier 2020 - 16:53:43
Dernière modification le : lundi 30 novembre 2020 - 17:12:02

Identifiants

Citation

Bastien Drouot, Fahad R. Golra, Joël Champeau. A Role Modeling Based Approach for Cyber Threat Analysis. MODELSWARD 2019 - 7th International Conference on Model-Driven Engineering and Software Development, Feb 2019, Prague, Czech Republic. pp.76-100, ⟨10.1007/978-3-030-37873-8_4⟩. ⟨hal-02461502⟩

Partager

Métriques

Consultations de la notice

60