Systematic classification of attackers via bounded model checking

Author

Eric ROTHSTEIN-MORRIS, Singapore University of Technology and Design
Jun SUN, Singapore Management UniversityFollow
Sudipta CHATTOPADYAY, Singapore University of Technology and Design

Publication Type

Conference Proceeding Article

Version

acceptedVersion

Publication Date

1-2020

Abstract

In this work, we study the problem of verification of systems in the presence of attackers using bounded model checking. Given a system and a set of security requirements, we present a methodology to generate and classify attackers, mapping them to the set of requirements that they can break. A naive approach suffers from the same shortcomings of any large model checking problem, i.e., memory shortage and exponential time. To cope with these shortcomings, we describe two sound heuristics based on cone-of-influence reduction and on learning, which we demonstrate empirically by applying our methodology to a set of hardware benchmark systems.

Discipline

Information Security

Research Areas

Software and Cyber-Physical Systems

Publication

Proceedings of the 21st International Conference on Verification, Model Checking, and Abstract Interpretation, VMCAI 2020, New Orleans, LA, January 19-21

First Page

1

Last Page

23

Identifier

10.1007/978-3-030-39322-9_11

City or Country

New Orleans, LA

Citation

ROTHSTEIN-MORRIS, Eric; SUN, Jun; and CHATTOPADYAY, Sudipta. Systematic classification of attackers via bounded model checking. (2020). Proceedings of the 21st International Conference on Verification, Model Checking, and Abstract Interpretation, VMCAI 2020, New Orleans, LA, January 19-21. 1-23.
Available at: https://ink.library.smu.edu.sg/sis_research/4634

Copyright Owner and License

Authors

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

https://doi.org/10.1007/978-3-030-39322-9_11