University of Illinois Urbana-Champaign

Addressing challenges to quantitative security modeling

Rausch, Michael J

Content Files
RAUSCH-DISSERTATION-2021.pdf

Permalink

https://hdl.handle.net/2142/113911

Description

Title
Addressing challenges to quantitative security modeling
Author(s)
Rausch, Michael J
Issue Date
2021-12-03
Director of Research (if dissertation) or Advisor (if thesis)
Sanders, William
Doctoral Committee Chair(s)
Sanders, William
Committee Member(s)
  • Nahrstedt, Klara
  • Gunter, Carl
  • Muehrcke, Carol
Department of Study
Computer Science
Discipline
Computer Science
Degree Granting Institution
University of Illinois at Urbana-Champaign
Degree Name
Ph.D.
Degree Level
Dissertation
Date of Ingest
2022-04-29T21:34:51Z
Keyword(s)
  • cybersecurity
  • quantitative modeling
  • cybersecurity metrics
  • GAMES
  • agent based systems
  • metamodels
  • stacked metamodels
  • ontologies
  • model generation
  • sensitivity analysis
  • uncertainty quantification
Abstract
Quantitative state-based models can help those responsible for designing, maintaining, or insuring cyber systems make informed decisions. However, there are a number of difficulties that discourage the use of quantitative cybersecurity models in practice. We identify four significant challenges to quantitative security modeling, (1) cybersecurity models are difficult to build by hand, particularly for system architects that are not experts in cybersecurity, (2) it is challenging to model the complex interplay between the cyber system and the many human entities that interact with it with current modeling formalisms, (3) the uncertainty that comes from the model’s input variables should be managed and explored with sensitivity analysis (SA) and uncertainty quantification (UQ), but many models run too slowly to complete traditional SA and UQ analyses, and (4) there is a lack of appropriate frameworks, guidance on metrics, and advice on common modeling issues with regards to quantitative cybersecurity models. In this dissertation, we address each of the four challenges. To address the first challenge, we present an ontology-assisted automatic cybersecurity model generation approach that modelers can use to make cybersecurity models quickly and easily. Using this approach, a system architect would first create a system diagram of the components of the system and their relationships to one another. Then, a model generation algorithm would convert the system diagram (with the aid of an ontology) into a sophisticated cybersecurity model that can be executed to obtain metrics. We implemented the tool in Mobius and demonstrated its use with an AMI test case. To address the second challenge, we designed a new agent-based modeling formalism called GAMES that allows the modeler to explicitly model the system and all of the human entities that interact with the system in a modular and intuitive fashion, and show its strengths with a worked example. To address the third challenge, we proposed an indirect stacking-based metamodeling approach. Using the metamodeling approach, we are able to accomplish sensitivity analysis and uncertainty quantification hundreds to thousands of times faster than traditional approaches and with better accuracy than current metamodel approaches. We demonstrate the approach’s efficacy with eight worked examples. Finally, to address the fourth challenge, we present a high-level framework to guide the modeling process, give guidance on what metrics to calculate and how to calculate them, and share advice on common issues with cybersecurity modeling. The theoretical and practical contributions presented in this dissertation will help make quantitative cybersecurity modeling easier to use and more useful, which will, in turn, help protect society’s most critical and valuable infrastructure from cyber threats.
Graduation Semester
2021-12
Type of Resource
Thesis
Permalink
http://hdl.handle.net/2142/113911
Copyright and License Information
Copyright 2021 Michael Rausch

Owning Collections

Graduate Dissertations and Theses at Illinois PRIMARY
Graduate Theses and Dissertations at Illinois