Development of a Semantic Threat Modeling and Analysis Framework

Astract:

Information technology has been growing fast in the past years. Security topics for these technologies are becoming more and more important. Thus, the term IT-security is employed to the security topics of information technology. In IT-security, assets are valuable things for an organization [Int04]. The Attack Vector is the route by which an attacker performed to access and compromise the asset. The attack vectors can be represented by an attack tree, when they have the same asset as their target. The root asset is the root of the attack tree. In order to identify the targets of the attack in our attack tree, an ontology is used to express the explicit entities in the system. Additionally, the attack potential, which means the perceived effort to be expended in successfully attacking the target expressed in terms of an attacker’s expertise, is used to evaluate the attack vector. Therefore the process and methods are explicitly explained in the Common Methodology for Information Technology Security Evaluation [Cem]. This thesis addresses the problem of the attack vectors not generated automatically. This leads to the disadvantages as the analysis of attacks will be costly in terms of time and money [FGE+07]. On the other hand, the manual procedure is error-prone. Therefore, this thesis presents the approach to automatically generate a semantic attack vector modeling based on the ontology for the Smart Grid Architecture Model. As major contributions we designed and implemented a java framework that reads the ontology of the system; more over, our framework will query the database to identify the root asset and the related attack vectors. After the evaluation of the access points in the attack vector with expert knowledge, the framework can apply the propagation rule and generate a colorful attack tree to represent the attack vector. The solution in this thesis gives the users advantages as it is accurate and easier to understand.