Evaluating the Exploitability of Implicit Interactions in Distributed Systems
Implicit interactions refer to those interactions among the components of a system that may be unintended and/or unforeseen by the system designers. As such, they represent cybersecurity vulnerabilities that can be exploited to mount cyber-attacks causing serious and destabilizing system effects. In...
Saved in:
Main Author | |
---|---|
Format | Journal Article |
Language | English |
Published |
10.06.2020
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | Implicit interactions refer to those interactions among the components of a
system that may be unintended and/or unforeseen by the system designers. As
such, they represent cybersecurity vulnerabilities that can be exploited to
mount cyber-attacks causing serious and destabilizing system effects. In this
paper, we study implicit interactions in distributed systems specified using
the algebraic modeling framework known as Communicating Concurrent Kleene
Algebra (C$^2$KA). To identify and defend against a range of possible attack
scenarios, we develop a new measure of exploitability for implicit interactions
to aid in evaluating the threat posed by the existence of such vulnerabilities
in system designs for launching cyber-attacks. The presented approach is based
on the modeling and analysis of the influence and response of the system agents
and their C$^2$KA specifications. We also demonstrate the applicability of the
proposed approach using a prototype tool that supports the automated analysis.
The rigorous, practical techniques presented here enable cybersecurity
vulnerabilities in the designs of distributed systems to be more easily
identified, assessed, and then mitigated, offering significant improvements to
overall system resilience, dependability, and security. |
---|---|
DOI: | 10.48550/arxiv.2006.06045 |