Skip to main content
KTH Ri.se Stockholm University
Navigation

Threat modeling and attack simulations for cyber security visualization and assessment

Save to calendar

Nov 12

Say welcome to Robert Lagerström, associate professor at the School of Electrical Engineering and Computer Science, KTH. His research is focused on enterprise security, threat modeling, attack simulations, vehicle security, and viable cities.

Date and time: 12 November 2020, 12pm – 1 pm
Speaker: Robert Lagerström
Title: Threat modeling and attack simulations for cyber security visualization and assessment
Zoom: https://kth-se.zoom.us/j/67432682790?pwd=dVgzbjRSbUVFT2FOYTByYlZrTU9BUT09
Meeting ID: 674 3268 2790
Password: DF2020

Picture of Robert LagerströmAbstract: Attack simulations may be used to assess the cyber security of systems. In such simulations, the steps taken by an attacker in order to compromise sensitive system assets are traced, and a time estimate may be computed from the initial step to the compromise of assets of interest. Attack graphs constitute a suitable formalism for the modeling of attack steps and their dependencies, allowing the subsequent simulation.

To avoid the costly proposition of building new attack graphs for each system of a given type, domain-specific attack languages may be used. These languages codify the generic attack logic of the considered domain, thus facilitating the modeling, or instantiation, of a specific system in the domain. Examples of possible cyber security domains suitable for domain-specific attack languages are generic types such as cloud systems or embedded systems but may also be highly specialized kinds, e.g. Ubuntu installations; the objects of interest as well as the attack logic will differ significantly between such domains.

In this talk, I will present the Meta Attack Language (MAL), which may be used to design domain-specific attack languages such as the aforementioned.

Bio: Robert Lagerström is an associate professor at the School of Electrical Engineering and Computer Science, KTH. His research is focused on enterprise security, threat modeling, attack simulations, vehicle security, and viable cities. Robert is a member of the Young Academy of Sweden and one of the founders of Foreseeti AB.