You’re offline. This is a read only version of the page.
Skip to main content
KTH Degree Project Portal
Växla navigering
Assignments
Subscribe
About KTH Degree Project Portal
About KTH Degree Project Portal
For Employers
For Students
FAQ
English
English
Svenska
Sign in
Apply using email
Apply using URL
General
Headline
*
*
Organization/Company
*
Location
*
Assignment Type
*
Description
*
*
Background and Motivation: In cybersecurity engineering, “defensibility” is a concept on the rise that intends to complement the concept of "security". Even though the difference between the two are not entirely clear cut, defensibility is encompassing how difficult it is for a defender to transform a system environment into a (sufficiently) secure state. In the area of threat modeling models are produced to analyse security. This project aims to connect threat models to defensibility, and more specifically with threat models defined in the Meta Attack Language (MAL) (https://github.com/mal-lang). MAL models specify system architectures and possible attack paths over the architecture as well as potential defenses for mitigating the modelled attacks. Now we would like to also be able to use these models for assessing defensibility. Objectives: This project amis to extend the MAL formalism and a prototype toolchain so that it is possible This thesis aims to (a) define a formal notion and metrics of defensibility tailored to MAL-based threat models, and (b) develop a prototype toolchain to apply the metrics on the models. The project will : - Survey the literature on defensibility to arrive at state-of-the-art definition of "defensibility", and clarify how it differs from security, resilience and other related concepts. - Extract relevant properties and dimensions of the defensibility definition (e.g. cost of reconfiguring an architecture, attack detection capability, and more) and suggest queries or algorithms for measuring them on a MAL-model. - Select one or more representative domains or systems from literature with externally estimated levels of defensibility, reproduce them to demonstrate similar results from the model-based estimates. - Develop a toolchain that can automatically calculate the defensibility metric on a a MAL model. How to apply: Send your CV and University course grades to Mathias Ekstedt (mekstedt@kth.se). For questions about the project, send an email to the same address. Applications will be evaluated continuously
There are no records to display.
You don't have permissions to view these records.
Error completing request.
Loading...
Create
×
Close
Edit
×
Close
View details
×
Close
Delete
×
Close
Are you sure you want to delete this record?
Error
×
Close
We're sorry, an error has occurred.
Deadline for application
*
*
Publish date
*
*
Credits
30 hp
15 hp
15-30 hp
Application Channel
*
Email
URL
Both
Application Email
*
*
Application URL
*
Application Documents
*
CV, University grades
