Validating enterpriseLang : A Domain- Specific Language Derived from the Meta Attack Language Framework / Validering av enterpriseLang : Validering av enterpriseLang Ett domänspecifikt språk baserat på ramverket; Meta Attack Language

Nordgren, Isak, Sederlin, Anton

January 2021

Enterprise data systems are continuously growing in complexity and size. The attack area of these systems has increased and introduced new vulnerabilities a potential adversary could exploit. Evaluating cyber security in enterprise IT infrastructure is difficult and expensive. Recently, a new threat modeling language was proposed for enterprise systems based on the MITRE Enterprise ATT&CK Matrix, namely enterpriseLang. This language is a domain- specific language built on the Meta Attack Language (MAL) framework. The purpose of enterpriseLang is to enable a simplified and cost- effective environment for enterprises to evaluate the security of their systems without disturbing the data flow of the actual system. However, how can we be sure that enterpriseLang is correct and effective enough to be used in practice? The language needs to be thoroughly validated to be used by companies for cyber security evaluation of enterprise systems. We have validated enterpriseLang by implementing it to model and simulate three real- world cyber attacks against, Equifax, National Health Service (NHS) and Garmin. The validation method was mainly based on the evaluation of two specific issues. Based on our results we concluded that we consider enterpriseLang to be correct and effective enough to be used in practice. On the contrary, we identified some aspects of the language that should be improved. / Företags datasystem växer kontinuerligt i komplexitet och storlek. Attackarean för dessa system har därmed ökat och infört nya sårbarheter som en potentiell angripare kan utnyttja. Att utvärdera cybersäkerhet i företags IT- infrastruktur är svårt och kostsamt. Nyligen föreslogs ett nytt språk för hotmodellering av företagssystem baserat på MITRE Enterprise ATT&CK matrix, nämligen enterpriseLang. Detta språk är ett domänspecifikt språk byggt på MAL- ramverket. Syftet med enterpriseLang är att möjliggöra ett förenklat och kostnadseffektivt modelleringsverktyg för företag att utvärdera säkerheten av sina system i, utan behovet av att störa dataflödet i det faktiska systemet. Hur kan vi dock vara säkra på att enterpriseLang är korrekt och tillräckligt effektivt för att användas i praktiken? Språket måste valideras grundligt för att kunna användas för evaluering av cybersäkerhet i företagssystem. Vi har validerat enterpriseLang genom att använda språket till att modellera och simulera tre verkliga cyberattacker mot Equifax, National Health Service och Garmin. Valideringsmetoden grundades i evalueringen av två huvudfrågor. Baserat på vårt resultat drog vi slutsatsen att vi anser enterpriseLang som korrekt och tillräckligt effektivt för att användas i praktiken. Däremot, identifierade vi några aspekter inom språket som bör förbättras.

Attack Simulations

Threat Modeling

Cyber Security

Enterprise Systems

Attacksimuleringar

Hotmodellering

Cybersäkerhet

Företagssystem

Computer Sciences

Datavetenskap (datalogi)

The Psychological Basis of Threat Perception and its Effect on the Use of Force by US Presidents

Kazazis, Collin J.

01 January 2019

This thesis creates a new variable for threat perception built upon psychological concepts and then applies this new variable to the question of why leaders use military force in certain situations. The concept of threat perception has a long history in the field in terms of its effect on leaders choosing to use military force. However, while the concept of threat perception is inherently psychological, previous proxies for the variable have included only situational factors, which is highly problematic. By utilizing the Operational Code, this study creates a new threat-perception variable based on cognitive constructs. Using a sample of US presidents, this new variable is tested in two different ways. The first examines three psychological characteristics (need for power, in-group bias, and distrust) from Leadership Trait Analysis that are thought to influence the level of threat perception in a leader. The second examines threat perception as an explanatory variable for the use of force alongside three other important control variables (economic violence, presidential popularity, and US power). The use of force variable is derived from Meernik's Use of Force dataset with each case in the dataset representing an opportunity to use force. The psychological data are derived from the verbal material of US presidents using at-a-distance methods found in the literature. OLS regression and probit are used to model the research questions. The project finds that levels of threat perception are indeed affected by a leader's level of distrust, in-group bias, and need for power. In addition, the new psychologically-derived threat-perception variable is a very good predictor of a president's use of force: presidents with higher levels of threat perception have a much higher probability of using force when the situation presents an opportunity.

Threat Perception

Political Psychology

International Relations

Decision-making Process

Operational Code

Presidential Studies

Political Science

Predicting threat capability in control systems to enhance cybersecurity risk determination

Price, Peyton

01 May 2020

Risk assessment is a critical aspect of all businesses, and leaders are tasked with limiting risk to the lowest reasonable level within their systems. Industrial Control Systems (ICS) operate in a different cybersecurity risk environment than business systems due to the possibility of second and third-order effects when an attack occurs. We present a process for predicting when an adversary gains the ability to attack an industrial control system. We assist leaders in understanding how attackers are targeting ICS by providing visualizations and percentages that can be applied to updating infrastructure or shifting personnel responsibilities to counter the threat. This new process seeks to integrate defenders and threat intelligence providers, allowing defenders to proactively defend their networks prior to devastating attacks. We apply the process by observing it under randomness with constraints and through a case study of the 2015 attack on the Ukrainian power grid. We find that this process answers the question of what an attacker can do, provides the ability for the defender to possess an updated understanding of the threat’s capability, and can both increase and decrease the probability that an attacker has a capability against a control system. This process will allow leaders to provide strategic vision to the businesses and systems that they manage.

industrial control system

risk

threat capability prediction

dempster combinations

cyber physical systems

Aiming for Success or Bracing for a Failure? The Influence of Stereotype Threat on Women's Math Achievement Goals

Bakker, Andrea I.

19 April 2007

No description available.

Psychology, Social

stereotype threat

stereotype

prejudice

women

mathematics

math

achievement goals

implicit theory

“Shackles and Chains:” Three Essays on the Determinants and Consequences of U.S. Mass Imprisonment in the Twenty-First Century

Durso, Rachel M.

29 December 2014

No description available.

Sociology

Criminology

Prisons

Incarceration

Race

Racial Threat

Privatization

Partisanship

Politics

Government

See Your Way to Success: Imagery Perspective Influences Performance under Stereotype Threat

Rea, Jessica Nicole

19 May 2015

No description available.

Social Psychology

Experimental Psychology

Psychology

Gender

stereotype threat

visual imagery perspective

performance

gender

STEM

social psychology

Compensatory Bolstering: Uncertainty or Threat?

Hinsenkamp, Lucas Daniel

08 October 2015

No description available.

Social Psychology

compensatory bolstering

psychological defense

uncertainty

threat

mortality salience

polarization

extremitization

Female Success in STEM: How Self-Efficacy Drives Effort

Halper, Leah R.

19 September 2017

No description available.

Psychology

Engineering

gender

STEM

self-efficacy

expectancy

motivation

effort

performance

goal

stereotype threat

The Effects of Jurisdictional Context on Racial and Ethnic Disparities in Prison Admissions

Durante, Katherine A.

05 December 2017

No description available.

Sociology

Imprisonment

Racial Threat

Racial Disparities

Inequality

Prison Admission

Sentence Length

"Draw-the-President": An Analysis of Children's Images of the Presidency and How They Affect Women in Politics

Moorman, Kathleen A.

11 May 2018

No description available.

Political Science

Social Psychology

political science

gender

stereotype threat

US Politics

social psychology