Amira Radhouani - Formal methods to extract IS insider attacks

10:30
Friday
23
Jun
2017
Organized by: 
Amira Radhouani
Speaker: 
Amira Radhouani
Teams: 
Keywords: 
Detailed information: 

Thesis committee :

  • Reviewers:
    • Yamine Ait Ameur, Professor, Toulouse INP
    • Leila Jemni Ben Ayed, Professor, ENSI Tunis
  • Examiners:
    • Jacques Julliand, Professor, Franche-Comté University
    • Amel Borgi, Lecturer HdR, Tunis al-Manar University
    • Amel Mammar, Lecturer HdR, Telecom SudParis Institute,      
  • Supervisors:
    • Akram Idani, Lecturer, Grenoble INP
    • Yves Ledru, Professor, Grenoble Alpes University
    • Narjès Ben Rajeb, Professor, INSAT Tunis
Abstract: 

The early detection of potential threats during the modelling phase of a Secure Information System (IS) is required because it favours the design of a robust access control policy and the prevention of malicious behaviours during the system execution. 
This involves studying the validation of access control rules and performing vulnerabilities automated checks before the IS operationalization. We are particularly interested in detecting vulnerabilities that can be exploited by internal trusted users to commit attacks, called insider attacks, by taking advantage of their legitimate access to the system. To do so, we use formal B specifications which are generated by the B4MSecure platform from UML functional models and a SecureUML modelling of role-based 
access control rules. Since these vulnerabilities are due to the dynamic evolution of the functional state, we propose to study the reachability of some undesirable states starting from a normal state of the system.
The proposed techniques are an alternative to model-checking techniques. Indeed, they implement symbolic backward search algorithm based on complementary approaches : proof and constraint solving.
This rich technical background allowed the development of the GenISIS tool which automates our approach and which was successfully experimented on several case studies available in the literature.
These experiments showed its capability to extract already published attacks but also new attacks.