Du är offline. Det här är en skrivskyddad version av sidan.
Hoppa till huvudinnehåll
KTH Exjobbportal
Växla navigering
Uppdrag
Prenumerera
Om KTH Exjobbportal
Om KTH Exjobbportal
För uppdragsgivare
För studenter
FAQ
Svenska
English
Svenska
Logga in
Ansök med e-post
Ansök med URL
Uppdrag
Rubrik
*
*
Organisation/Företag
*
Plats
*
Uppdrag
*
Beskrivning
*
*
Background and Motivation: Threat modeling is a cornerstone of modern cybersecurity analysis, enabling systematic identification of attack paths and defensive measures. The Meta Attack Language (MAL) (https://github.com/mal-lang) provides a formalism for representing attack logic and simulating adversarial behavior across various system domains, such as cloud environments and industrial control systems. In recent research, attack simulations are also used for training autonomous cyberdefense agents to take actions based on some observed attacker behavior. However, a challenge in this activity is to produce training data that are not based on some specific static system configuration as this would overfit the learned behavior to that very specific environment. Instead we would like to represent but still represent a some larger domain where systems follow some common patterns but vary in others. We would then like to be able to automatically generate system configurations that varies in a number of dimensions according to some expected variances representing an actual distribution of systems within a domain. Objectives: This project amis to extend the MAL formalism and a prototype toolchain so that it is possible write specifications that in turn can be used for generating multiple MAL threat model instances according to the specified statistics. The project will: 1. Perform a literature review on model-driven security engineering, threat modeling automation, and MAL in particular. 2. Extend the MAL formalism so that it can encode statistical properties of structural threat model design. This includes expressions such as producing a number of communication networks according to some distribution, where the number of machine per network follow another distribution and the machine-to-machine communication follows a third. 3. Implement a tool that produce models according to the specifications . 4. Perform a smaller case study where material describing some system domain is used to motivate a model specification and where this is used to produce the threat model instances of the original material. How to apply: Send your CV and University course grades to Mathias Ekstedt (mekstedt@kth.se). For questions about the project, send an email to the same address. Applications will be evaluated continuously
Det finns inga poster att visa.
Du har inte behörighet att visa de här posterna.
Fel när begäran slutfördes.
Läser in ...
Skapa
×
Stäng
Redigera
×
Stäng
Visa information
×
Stäng
Ta bort
×
Stäng
Vill du radera den här posten?
Fel
×
Stäng
Ett fel har uppstått.
Sista ansökningsdatum
*
*
Publiceringsdatum
*
*
Omfattning
30 hp
15 hp
15-30 hp
Applikationskanal
*
e-post
URL
Båda
E-post för ansökan
*
*
Appens URL
*
Ansökningshandlingar
*
CV, University grades
