Visible to the public Biblio

Filters: Keyword is Data-Driven Model-Based Decision-Making  [Clear All Filters]
2017-08-03
Shubham Goel, University of Illinois at Urbana-Champaign, Masooda Bashir, University of Illinois at Urbana-Champaign.  2017.  Ransomware: Recommendations against the Extortion.

Poster presented at the 2017 Science of Security UIUC Lablet Summer Internship Poster Session held on July 27, 2017 in Urbana, IL.

2017-04-03
2016-11-15
Mohammad Noureddine, University of Illinois at Urbana-Champaign, Masooda Bashir, University of Illinois at Urbana-Champaign, Ken Keefe, University of Illinois at Urbana-Champaign, Andrew Marturano, University of Illinois at Urbana-Champaign, William H. Sanders, University of Illinois at Urbana-Champaign.  2015.  Accounting for User Behavior in Predictive Cyber Security Models.

The human factor is often regarded as the weakest link in cybersecurity systems. The investigation of several security breaches reveals an important impact of human errors in exhibiting security vulnerabilities. Although security researchers have long observed the impact of human behavior, few improvements have been made in designing secure systems that are resilient to the uncertainties of the human element.

In this talk, we discuss several psychological theories that attempt to understand and influence the human behavior in the cyber world. Our goal is to use such theories in order to build predictive cyber security models that include the behavior of typical users, as well as system administrators. We then illustrate the importance of our approach by presenting a case study that incorporates models of human users. We analyze our preliminary results and discuss their challenges and our approaches to address them in the future.

Presented at the ITI Joint Trust and Security/Science of Security Seminar, October 20, 2016.

Mohammad Noureddine, University of Illinois at Urbana-Champaign.  2015.  Human Aware Science of Security.

Presented at the Illinois SoS Bi-weekly Meeting, February 2015.

Ken Keefe, University of Illinois at Urbana-Champaign.  2014.  Making Sound Design Decisions Using Quantitative Security Metrics.

Presented at the Illinois SoS Bi-weekly Meeting, December 2014.

Ken Keefre, University of Illinolis at Urbana-Champaing, William H. Sanders, University of Illinois at Urbana-Champaign.  2015.  Reliability Analysis with Dynamic Reliability Block Diagrams in the Mobius Modeling Tool. 9th EAI International Conference on Performance Evaluation Methodologies and Tools (VALUETOOLS 2015).

Reliability block diagram (RBD) models are a commonly used reliability analysis method. For static RBD models, combinatorial solution techniques are easy and efficient. However, static RBDs are limited in their ability to express varying system state, dependent events, and non-series-parallel topologies. A recent extension to RBDs, called Dynamic Reliability Block Diagrams (DRBD), has eliminated those limitations. This tool paper details the RBD implementation in the M¨obius modeling framework and provides technical details for using RBDs independently or in composition with other M¨obius modeling formalisms. The paper explains how the graphical front-end provides a user-friendly interface for specifying RBD models. The back-end implementation that interfaces with the M¨obius AFI to define and generate executable models that the M¨obius tool uses to evaluate system metrics is also detailed.

2016-10-24
2015-11-11
John C. Mace, Newcastle University, Charles Morisset, Newcastle University, Aad Van Moorsel, Newcastle University.  2015.  Resiliency Variance in Workflows with Choice. International Workshop on Software Engineering for Resilient Systems (SERENE 2015).

Computing a user-task assignment for a workflow coming with probabilistic user availability provides a measure of completion rate or resiliency. To a workflow designer this indicates a risk of failure, espe- cially useful for workflows which cannot be changed due to rigid security constraints. Furthermore, resiliency can help outline a mitigation strategy which states actions that can be performed to avoid workflow failures. A workflow with choice may have many different resiliency values, one for each of its execution paths. This makes understanding failure risk and mitigation requirements much more complex. We introduce resiliency variance, a new analysis metric for workflows which indicates volatility from the resiliency average. We suggest this metric can help determine the risk taken on by implementing a given workflow with choice. For instance, high average resiliency and low variance would suggest a low risk of workflow failure.

John C. Mace, Newcastle University, Charles Morisset, Newcastle University, Aad Van Moorsel, Newcastle University.  2015.  Impact of Policy Design on Workflow Resiliency Computation Time. Quantitative Evaluation of Systems (QEST 2015).

Workflows are complex operational processes that include security constraints restricting which users can perform which tasks. An improper user-task assignment may prevent the completion of the work- flow, and deciding such an assignment at runtime is known to be complex, especially when considering user unavailability (known as the resiliency problem). Therefore, design tools are required that allow fast evaluation of workflow resiliency. In this paper, we propose a methodology for work- flow designers to assess the impact of the security policy on computing the resiliency of a workflow. Our approach relies on encoding a work- flow into the probabilistic model-checker PRISM, allowing its resiliency to be evaluated by solving a Markov Decision Process. We observe and illustrate that adding or removing some constraints has a clear impact on the resiliency computation time, and we compute the set of security constraints that can be artificially added to a security policy in order to reduce the computation time while maintaining the resiliency.

John C. Mace, Newcastle University, Charles Morisset, Newcastle University, Aad Van Moorsel, Newcastle University.  2015.  Modelling User Availability in Workflow Resiliency Analysis. Symposium and Bootcamp on the Science of Security (HotSoS).

Workflows capture complex operational processes and include security constraints limiting which users can perform which tasks. An improper security policy may prevent cer- tain tasks being assigned and may force a policy violation. Deciding whether a valid user-task assignment exists for a given policy is known to be extremely complex, especially when considering user unavailability (known as the resiliency problem). Therefore tools are required that allow automatic evaluation of workflow resiliency. Modelling well defined workflows is fairly straightforward, however user availabil- ity can be modelled in multiple ways for the same workflow. Correct choice of model is a complex yet necessary concern as it has a major impact on the calculated resiliency. We de- scribe a number of user availability models and their encod- ing in the model checker PRISM, used to evaluate resiliency. We also show how model choice can affect resiliency computation in terms of its value, memory and CPU time.