This directory provides the implementation of the attack-defense exploration method published in the papers:
A- Salim Chehida, Abdelhakim Baouya, Marius Bozga and Saddek Bensalem, "Exploration of Impactful Countermeasures on IoT Attacks", 2020 9th Mediterranean Conference on Embedded Computing (MECO), Budva, Montenegro, 2020, pp. 1-4, https://ieeexplore.ieee.org/abstract/document/9134200.
B- Braham Lotfi Mediouni, Ayoub Nouri, Marius Bozga, Axel Legay, Saddek Bensalem, "Mitigating Security Risks Through Attack Strategies Exploration", Leveraging Applications of Formal Methods, Verification and Validation - 8th International Symposium, ISoLA 2018 Proceedings Part II, LNCS 11245:392-413.
The input of Attack-Defense Exploration Tool is the risk assessment model composed of a set of attacks A with their characteristics (Cost, LP, UB, Env), a set of countermeasures C, ADT expressed as logic formula, and the constraints Tmax (time to perform attacks) and Cmax (budget of resources used in attacks). The output is a defense configuration DC composed of a set of impactful countermeasures.
An extended technical report is available online at http://www-verimag.imag.fr/TR/TR-2018-4.pdf
-
Java 11 is required to compile sources
-
Download ANTLR v4 (version antlr-4.7-complete.jar) from https://www.antlr.org/download/index.html. Place the jar file into the attack-defense/lib directory.
-
Use ant to compile and run the application as follows
$ ant compile $ ant jar
Several benchmarks are included in the examples directory. Every benchmark can be run by calling
$ bin/adt.sh .adt
where can be actually one of orga, bgp, scada or im. On completion, the attack tree annotated with the most impactful defender will be exported in .dot.
Optional, the tool can be invoked from the ant script
$ ant run -Dadtfile=examples/.adt
"SALIM CHEHIDA" [email protected]
"ABDELHAKIM BAOUYA" [email protected]
"MARIUS BOZGA" [email protected]
"SADDEK BENSALEM" [email protected]