Abstract
Analyzing attacks and potential attack paths can help to identify and avoid potential security incidents. Manually estimating an attack path to a targeted software element can be complex since a software system consists of multiple vulnerable elements, such as components, hardware resources, or network elements. In addition, the elements are protected by access control. Software architecture describes the structural elements of the system, which may form elements of the attack path. However, estimating attack paths is complex since different attack paths can lead to a targeted element. Additionally, not all attack paths might be relevant since attack paths can have different properties based on the attacker’s capabilities and knowledge. We developed an approach that enables architects to identify relevant attack paths based on the software architecture. We created a metamodel for filtering options and added support for describing attack paths in an architectural description language. Based on this metamodel, we developed an analysis that automatically estimates attack paths using the software architecture. This can help architects to identify relevant attack paths to a targeted component and increase the system’s overall security. We evaluated our approach on five different scenarios. Our evaluation goals are to investigate our analysis’s accuracy and scalability. The results suggest a high accuracy and good runtime behavior for smaller architectures.
This work was supported by the German Research Foundation (DFG) under project number 432576552 (FluidTrust), by funding from the topic Engineering Secure Systems of the Helmholtz Association (HGF), by KASTEL Security Research Labs, by “Kerninformatik am KIT (KiKIT)” funded by the Helmholtz Association (HGF), and by the German Federal Ministry of Education and Research (BMBF) grant number 16KISA086 (ANYMOS).
Acknowledgement
We would like to thank Jonathan Schenkenberger, who helped to implement this approach during his Master’s thesis.
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Walter, M., Heinrich, R., Reussner, R. (2023). Architecture-Based Attack Path Analysis for Identifying Potential Security Incidents. In: Tekinerdogan, B., Trubiani, C., Tibermacine, C., Scandurra, P., Cuesta, C.E. (eds) Software Architecture. ECSA 2023. Lecture Notes in Computer Science, vol 14212. Springer, Cham. https://doi.org/10.1007/978-3-031-42592-9_3
DOI: https://doi.org/10.1007/978-3-031-42592-9_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-42591-2
Online ISBN: 978-3-031-42592-9
eBook Packages: Computer Science, Computer Science (R0)