Modeling Attack, Defense and Threat Trees and the Cyber Kill Chain, ATT&CK and STRIDE Frameworks as Blackboard Architecture Networks
Title | Modeling Attack, Defense and Threat Trees and the Cyber Kill Chain, ATT&CK and STRIDE Frameworks as Blackboard Architecture Networks |
Publication Type | Conference Paper |
Year of Publication | 2020 |
Authors | Straub, J. |
Conference Name | 2020 IEEE International Conference on Smart Cloud (SmartCloud) |
Date Published | November 2020 |
Publisher | IEEE |
ISBN Number | 978-1-7281-6547-9 |
Keywords | ATT&CK framework, attack decision making logic, attack trees, BACCER, blackboard architecture, blackboard architecture cyber command entity attack route, Chained Attacks, command and control systems, Computer architecture, Cyber Kill Chain, cybersecurity, cybersecurity attacks, decision making, defense trees, formal logic, maintenance engineering, Microsoft's STRIDE, MITRE ATT&CK frameworks, pubcrawl, Reconnaissance, resilience, Resiliency, Scalability, security of data, software architecture, Terminology, threat trees, tree-structures, trees (mathematics), Weapons |
Abstract | Multiple techniques for modeling cybersecurity attacks and defense have been developed. The use of tree-structures as well as techniques proposed by several firms (such as Lockheed Martin's Cyber Kill Chain, Microsoft's STRIDE and the MITRE ATT&CK frameworks) have all been demonstrated. These approaches model actions that can be taken to attack or stopped to secure infrastructure and other resources, at different levels of detail. This paper builds on prior work on using the Blackboard Architecture for cyberwarfare and proposes a generalized solution for modeling framework/paradigm-based attacks that go beyond the deployment of a single exploit against a single identified target. The Blackboard Architecture Cyber Command Entity attack Route (BACCER) identification system combines rules and facts that implement attack type determination and attack decision making logic with actions that implement reconnaissance techniques and attack and defense actions. BACCER's efficacy to model examples of tree-structures and other models is demonstrated herein. |
URL | https://ieeexplore.ieee.org/document/9265953 |
DOI | 10.1109/SmartCloud49737.2020.00035 |
Citation Key | straub_modeling_2020 |