Alternativer Identifier:
(KITopen-DOI) 10.5445/IR/1000141655
Verwandter Identifier:
-
Ersteller/in:
Walter, Maximilian https://orcid.org/0000-0003-0358-6644 [Walter, Maximilian]

Heinrich, Robert [Heinrich, Robert]

Reussner, Ralf [Reussner, Ralf]
Beitragende:
-
Titel:
Dataset - Architectural Attack Propagation Analysis for Identifying Confidentiality Issues
Weitere Titel:
-
Beschreibung:
(Technical Remarks) # Dataset for Attacker Propagation ## Content There are 4 folders: * **binary** for an excutable version * **effort_reduction** data-sheet for the effort calculation * **evaluationmodel** PCM models of the 3 case studies and expected results * **source** source for the analysis and the metamodel ## Executing with the binary We bundled a eclipse product, which can be used to start our analysis and view the models. It should be configured that it automatically opens a workspace with the necessary projects loaded. In case that won't happen, the projects can be manually loaded over the source folder and there *Palladio-Addons-ContextConfidentiality-Analysis/tests/org.palladiosimulator.pcm.confidentiality.context.analysis.testmodels/* or for the automatic test *Palladio-Addons-ContextConfidentiality-Analysis/tests/edu.kit.ipd.sdq.kamp4attack.tests/* Here we describe the step to execute the binary: * Unzip the version of your Operating System * **Attention:** The MAC-Version might not work, because of MACOS security features. In that case [this](https://sdqweb.ipd.kit.edu/wiki/PCM_Installation#Mac_OS_X) might help. If not, you can still use the update site or manually install the tooling, but you are required to solve the dependencies manually. * We also provide an vm image for the tooling in the binary folder and there the vm folder * In the VM the Procuct is in the home directory under AttackerPropagation * The credentials for the vm are: * User: icsa * Password: icsa * Root-Password: icsa * Start the Application by executing the *PalladioBench* binary (not the eclipse one!) * After the load screen you should see 3 Projects in the Modelviewer on the left side: * edu.kit.ipd.sdq.kamp4attack.tests * org.palladiosimulator.pcm.confidentiality.context.analysis.testframework * org.palladiosimulator.pcm.confidentiality.context.analysis.testmodels * The models are stored in *org.palladiosimulator.pcm.confidentiality.context.analysis.testmodels*. * By clicking on the arrow before the project you can see the content. * The evaluation models are stored in the following folders: * models/powerGrid * models/targetBreach * models/travelplanner * Each folder contains the pcm models (allocation, reposity, resourceenvironment, system, usagemodel), the attackermodel (*.attacker), the access control model (*.context), the result model (*.kamp4attackmodificationmarks) and eclipse launchconfig (*.launch) * with the launch config the scenario can be executed, by opening the context menu (normally right clock) and clicking "Run as" * for a description of the models see Model Description * Additionally the accuracy tests can be executed automatically as Junit-Plugin-Test (only in the Linux binary): * Open edu.kit.ipd.sdq.kamp4attack.tests project * Navigate in the src folder to *edu.kit.ipd.sdq.kamp4attack.tests.casestudies* and *edu.kit.ipd.sdq.kamp4attack.tests.casestudies.travelplanner*. * By opening the context menu (right click usually) and "Run as" Junit-**Plugin**-Test * It is important to execute the tests as Plugin Tests since otherwise the dependencies can't be solved * For Windows and Mac-User they can run the test by executing `mvn clean verify` in *source/Palladio-Addons-ContextConfidentiality-Analysis/* or use the vm image in case maven does not work ## Executing without the binaries * Build each source project with maven * Projects generates an updatesite usually in the releng folder in an folder ending with .updatesite * These updatesites need to be installed in an eclipse installation. An README can be find in the source analysis source folder for the necessary dependencies ## Model Descripton * Target Breach * in folder targetBreach * Ukrainian Power Grid * in folder powerGrid * TravelPlanner * in folder travelplanner * Scenarios in folder *Attacker_Propagation_Accuracy*: 1. An Empty Attacker model. The analysis has no attacker, therefore no propagation should happen 2. The attacker has no attack therefore only the initial component is affected 3. The attacker has no specific attack but has some stolen credential. Therefore, only the credentials are allowed for the propagation 4. Propagations based on vulnerabilites. The attacker has attacks for mainly one attack step. To verify that each propagation types work 1. A Component to a Seff Propagation 2. A Component to Component Propagtion 3. The component compromises the resource it is deployed on 4. The component compromises a remote resource (not the one it is deployed on) 5. A linking Resource compromises a connected Resource container 6. A linking Resource compromises a connected component 7. A resource compromises a connected component 8. A resource compromises another connected resource 5. The attacker gains a new credential based on an attack, but can't take full control of the Linking Resource 6. Tests whether the AttackVector option is considered in the analysis 7. Tests whether the Privilege option is considered in the analysis ## Resultsmodel The ids of the non pcm elements (ServiceRestrictions and CompromisedData) might change for every run, since they are dynamically calculated for each analysis step. However, this is not problematic since they can identified by their other properties. ## Further Information Additional information and the current source code can be found at our Github repositories: * [Metamodel]https://github.com/FluidTrust/Palladio-Addons-ContextConfidentiality-Metamodel) * [Analysis](https://github.com/FluidTrust/Palladio-Addons-ContextConfidentiality-Analysis) * [Bench-Product](https://github.com/FluidTrust/Palladio-Bench-Product-AttackerPropagation)
Schlagworte:
-
Zugehörige Informationen:
-
Sprache:
-
Erstellungsjahr:
Fachgebiet:
Computer Science
Objekttyp:
Dataset
Datenquelle:
-
Verwendete Software:
-
Datenverarbeitung:
-
Erscheinungsjahr:
Lizenz:
Eclipse Public License 2.0
Rechteinhaber/in:

Heinrich, Robert

Reussner, Ralf
Förderung:
-
Name Speichervolumen Metadaten Upload Aktion

Zugriffe der letzten sechs Monate

Aufrufe der Datenpaket-Seite

56


Downloads des Datenpakets

5


Gesamtstatistik

Zeitraum Aufrufe der Datenpaket-Seite Datenpaket heruntergeladen
Feb. 2024 16 0
Jan. 2024 8 5
Dez. 2023 4 0
Nov. 2023 16 0
Okt. 2023 7 0
Sep. 2023 5 0
Vorher 32 1
Gesamt 88 6
Status:
Publiziert
Eingestellt von:
kitopen
Erstellt am:
Archivierungsdatum:
2023-06-24
Archivgröße:
4,2 GB
Archiversteller:
kitopen
Archiv-Prüfsumme:
a79a8103c68b4ea76b475137521e49e9 (MD5)
Ende des Embargo-Zeitraums:
-