Evaluating the Exploitability of Implicit Interactions in Distributed Systems

Jaskolka, Jason

doi:10.48550/arxiv.2006.06045

Cited by 1 publication

(8 citation statements)

References 38 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Implicit interactions indicate the presence of a cybersecurity vulnerability that can be exploited to mount a cyberattack. By compromising the agent at the beginning of an implicit interaction's communication sequence (the source agent), an attacker can influence the behavior of the agent at the end of the communication sequence (the sink agent) to perform actions other than the functions the system was intended to perform, impacting the system's stability, safety, and security [Jas20a]. The impacts of such an attack are of particular concern in ICS, where agent behaviors may correspond to actions performed by physical components, and so implicit interactions pose a threat not just to software system integrity, but also to the integrity of physical components, the process controlled by the ICS, and the safety of individuals around the system.…”

Section: Motivationmentioning

confidence: 99%

“…Implicit interactions are exploited through a compromised agent, which refers to an agent that can behave in a way that is not consistent with its original or intended specification. This means that it has the ability to issue any stimulus and/or alter its concrete behavior (e.g., by defining a shared environment) [Jas20a]. The compromised agent then, can exploit the implicit interactions in the system for which it serves as the source agent (e.g., by issuing stimuli or defining shared environments out-of-sequence from the intended system interactions) to cause knock-on affects that adversely impact other agents in the system.…”

Section: Approaches To Identify and Analyze Implicit Interactionsmentioning

confidence: 99%

“…While severity is concerned with the threat posed by an implicit interaction, exploitability has been proposed to measure how many actions are available to a source agent that are able to influence the sink of an implicit interaction interaction [Jas20a].…”

Section: Approaches To Identify and Analyze Implicit Interactionsmentioning

confidence: 99%

“…Previous work on implicit interactions has posited that implicit interactions come from the hidden complexity and coupling in system designs [JV17a,Jas20a], so we would like to understand how more general design principles related to ideas such as coupling and cohesion [QFTX10] play a role in the prevalence of implicit interactions in a system design. We are particularly interested in the list of fundamental security design principles described in [SB18], many of which originally appeared in work by Saltzer and Schroeder [SS75] and have endured over the years despite numerous changes in the security landscape [Smi12].…”

Section: Design Principles For Improving System Qualitymentioning

confidence: 99%

“…The idea that complexity relates to a higher prevalence of implicit interactions has been expressed in terms system size [JV17b], interconnectedness [JV17a], and hidden coupling [JV17a,Jas20a]. Therefore, we explore multiple different measurements that represent the concept of system complexity to determine how complexity is relevant to the prevalence of implicit interactions.…”

Section: System-level Complexitymentioning

confidence: 99%

See 4 more Smart Citations

Principles and Properties for Reducing the Prevalence of Implicit Interactions in System Designs.

Newton¹

View full text Add to dashboard Cite

Early security considerations are essential to ensuring a system is adequately protected, but their ever-growing size and complexity often leaves full comprehension of a system's interconnections out of reach. This gives rise to implicit interactions. These unplanned or unforeseen communication sequences between components are security vulnerabilities that can be exploited to mount a cyberattack. Existing design-phase formal methods-based approaches exist to identify implicit interactions, but formal methods see limited adoption and the root cause of implicit interactions is not well understood.In this work, we extend the existing formal approach to suggest areas of a system to focus redesign efforts, while also providing alternative approaches that do not require formal expertise. These focus on graph-based measurements and providing a set of properties, quality attributes, and design principles with goals in line with the reduction of the prevalence of implicit interactions within a system design.I would like to thank my supervisor, Professor Jason Jaskolka, for his interest and guidance in this project. His support, encouragement, and ability to foster ideas and out-of-the-box thinking were all pivotal to the success of this work.I thank my colleagues for creating an inviting environment to share ideas, and for all their advice and constructive comments.Finally, I wish to thank my parents and my best friend for all their unconditional love and support over these past two years.

show abstract

Section: Motivationmentioning

confidence: 99%

Section: Approaches To Identify and Analyze Implicit Interactionsmentioning

confidence: 99%

Section: Approaches To Identify and Analyze Implicit Interactionsmentioning

confidence: 99%

Section: Design Principles For Improving System Qualitymentioning

confidence: 99%