Loading...
News About John X. Wang

What Every Engineer Should Know About Cyber Threat Trees

  • Feb 16, 2020 |

    Cyber Threat Trees for large system threat cataloging and analysis

    • The implementation of cyber threat countermeasures requires identification of points in a system where redundancy or other modifications are needed.

    • Because large systems have many possible threats that may be interdependent, it is crucial that such threats be cataloged in a manner that allows for efficient representation and ease of analysis to identify the most critical threats.

    • To address this problem, we can model large system threats by conceptually representing them as a Cyber Threat Tree implemented as a directed graph known as a Multiple-Valued Decision Diagram (MDD).

    • The cyber threat tree structure improves upon both the classical fault tree and attack tree structures by expanding the representation of possible system threats.

    • This cyber threat tree model is incorporated into an existing MDD software package to help identify and catalog possible system threats.

    Building and Integrating an Information Security Trustworthiness Framework

    • We can introduce a new type of tree: Cyber Threat Trees.

    • They are a superset of Fault and Attack trees since they are based on multiple-valued or radix-p valued algebras over a finite and discrete set of values.

    • For example, when the radix p=2, the cyber threat tree reduces to a fault or attack tree depending on the nature of the disruptive events.

    • It explains that cyber threat trees have usually allowed for allow for more complicated interactions to be modeled.

    Cyber Threat Trees with Neuro-Fuzzy based Software Risk Estimation Tool

    • For Software threat prediction, various statistical approaches as well as advanced approaches are introduced in different areas where Software systems are being used.

    • For Cyber Threat, Cyber threat trend analysis model is proposed using Hidden Markov Model (HMM), to forecast the Cyber threat trend.

      • HMM is a tool in which hidden state is determined .

    • After comparison with existing techniques, the Neuro-Fuzzy based Software Risk Estimation Tool provides accurate results.

      • MERIT workshop and training programs are conducted for effective training about insider threat awareness.

        • Insider threats are those undesired events that are performed by the legitimate users.

    • Threat Analysis and Modeling (TAM) tool is used to identify the threats and evaluate the risks.

      • This process is useful in business applications.

      • To identify the most critical large system threats, Cyber Threat Tree is implemented as directed graph known as Multiple Valued Decision Diagram (MDD).

        • Multiple Valued Logic function is used to represent the threat states and their interdependence.

    Software Reliability Assessment using Neuro Fuzzy System

    • Software Reliability Assessment using Neuro Fuzzy System utilizes a threat representation structure called a Cyber Threat Tree.

    • This idea was motivated from the ideas of fault trees, which were originally devised by Bell laboratories.

    • Cyber threat trees have important differences from the fault trees in that many threat events are not statistically independent and that, unlike the fault tree model, we do not model threats as faults.

    • In the fault tree model, a fault either exists or does not; hence, it is based on a binary Boolean logic switching function.

    • Binary decision diagrams (BDDs) and their extended format multi-state BDDs (MBDDs) have been adapted to solve a fault tree model for reliability analysis.

    • This CRC Press News discusses a new family of decision diagrams, Multiple-Valued Decision Diagrams (MDDs) for dependability analysis of fault tolerant systems.

    • Both BDDs and MDDs can be used to find the exact solution for extremely large systems with arbitrary component failure distribution.

    • However, as compared with the BDD approach, the MDD approach has two advantages:

      • it incorporates imperfect fault coverage modeling automatically, also,

      • it provides a straightforward and efficient solution to analyzing system safety.

    • The reliability and safety of a fault tolerant computer system called 3P2M are analyzed to illustrate the advantages of the MDD approach.

    Summary

    • System security continues to be of increasing importance.

    • To effectively address both natural and intentional threats to large systems, the threats must be cataloged and analyzed.

    • Extremely large and complex systems can have an accordingly large number of threat scenarios.

    • Simply listing the threats and devising countermeasures for each is ineffective and not efficient.

    • This CRC Press News describe a threat cataloging methodology whereby a large number of threats can be efficiently cataloged and analyzed for common features.

    • This allows countermeasures to be formulated that address a large number of threats that share common features.

    • The methodology utilizes Multiple-Valued Logic for describing the state of a large system and a multiple-valued decision diagram (MDD) for the threat catalog and analysis.

    See More
    Subjects
    Computer Science & Engineering, Engineering - Electrical, Engineering - General, Engineering - Industrial & Manufacturing, Information Technology