Abstract

Nowadays, IT infrastructures are involved in making innumerable aspects of our lives convenient, starting with water or energy distribution systems, and ending with e-commerce solutions and online banking services. In the worst case, cyberattacks on such infrastructures can paralyze whole states and lead to losses in terms of both human lives and money.One of the approaches to increase security of IT infrastructures relies on modeling possible ways of compromising them by potential attackers. To facilitate creation and reusability of such models, domain specific languages (DSLs) can be created. Ideally, a user will employ a DSL for modeling their infrastructure of interest, with the domain-specific threats and attack logic being already encoded in the DSL by the domain experts.The Meta Attack Language (MAL) has been introduced previously as a meta-DSL for development of security-oriented DSLs. In this work, we define formally the syntax and a semantics of MAL to ease a common understanding of MAL’s functionalities and enable reference implementations on different technical platforms. It’s applicability for modeling and analysis of security of IT infrastructures is illustrated with an example.

Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Domain Specific Language (DSL) development for desktop-based database application generator
Steven Lolong ... Achmad I Kistijantoro
-
Steven Lolong, et. al.Steven Lolong ... Achmad I Kistijantoro
01 Jul 2011
MontiCore: a framework for compositional development of domain specific languages
Holger Krahn ... Bernhard Rumpe
International Journal on Software Tools for Technology Transfer (STTT) | VOL. 12
Holger Krahn, et. al.Holger Krahn ... Bernhard Rumpe
09 Mar 2010
An agile model-driven method for involving end-users in DSL development
María José Villanueva Del Pozo
-
María José Villanueva Del PozoMaría José Villanueva Del Pozo
25 Jan 2016
Concern-oriented language development (COLD): Fostering reuse in language engineering
Benoit Combemale ... Andreas Wortmann
Computer Languages, Systems & Structures | VOL. 54
Benoit Combemale, et. al.Benoit Combemale ... Andreas Wortmann
31 May 2018
View more papers

More From: Computers & Security

Paper Title
Journal
Date
Author
A method for recovering adversarial samples with both adversarial attack forensics and recognition accuracy
Zigang Chen ... Haihua Zhu
Computers & Security | VOL. 144
Zigang Chen, et. al.Zigang Chen ... Haihua Zhu
06 Jul 2024
Adopting security practices in software development process: Security testing framework for sustainable smart cities
Yusuf Mothanna ... Mhd Saeed Sharif
Computers & Security | VOL. 144
Yusuf Mothanna, et. al.Yusuf Mothanna ... Mhd Saeed Sharif
06 Jul 2024
Combating temporal composition inference by high-order camouflaged network topology obfuscation
Xiaohui Li ... Yue Chen
Computers & Security | VOL. 144
Xiaohui Li, et. al.Xiaohui Li ... Yue Chen
05 Jul 2024
TFAN: A Task-adaptive Feature Alignment Network for few-shot website fingerprinting attacks on Tor
Qiuyun Lyu ... Zhen Wang
Computers & Security | VOL. 144
Qiuyun Lyu, et. al.Qiuyun Lyu ... Zhen Wang
04 Jul 2024
View more papers