Skip to search boxSkip to navigationSkip to main content

Towards enhanced threat modelling and analysis using a Markov Decision Process

Research Output: Contribution to journal Article Peer-review

Abstract

The complexity of socio-technical systems using Ambient Intelligence (AmI) and the Internet of Things (IoT) is growing exponentially, involving numerous entities, such as humans, infrastructures, and cyber systems. Achieving and maintaining a specified level of security and privacy in such systems is challenging and crucial. Attack Tree is a powerful technique used in safety and reliability engineering. In this paper, we attempted to enhance Attack Tree analysis by transforming it into a Markov Decision Process (MDP) model. We propose an algorithm to transform an Attack Tree into an MDP model. We argue that formal methods, such as probabilistic model checking can significantly improve the security analysis capabilities. Moreover, the mixture of MDP and probabilistic model checking can overcome the limitations of Attack Trees, such as state explosion, scalability, and manual interaction. We used a probabilistic model checker, namely PRISM to model an attack scenario and perform security analysis on it. To demonstrate the significance, we took a real-world use case and performed a probabilistic analysis on it. The results revealed that formal analysis can prove certain properties, which were not possible to verify using attack trees.

Publication Information

Output type

Research Output: Contribution to journal Article Peer-review

Original language

English

Pages from-to (Number of pages)

Pages 282-291 (10 pages)

Journal (Volume, Issue Number)

Computer Communications (Volume 194)

Publication milestones

  • Accepted/In press - 20/07/2022
  • Published - 30/07/2022

Publication status

Published - 30/07/2022

ISSN

0140-3664

External Publication IDs

  • ORCID: /0000-0003-3284-1755/work/116570943
  • Scopus: 85136714963