README.md 3.76 KB
Newer Older
Jaime Arias's avatar
Jaime Arias committed
1
2
3
4
5
6
7
8
9
10
11
# Minimal Schedule with Minimal Number of Agents in Attack-Defence Trees

This repository hosts the results for the paper.

## Clone this repository:
```
git clone https://depot.lipn.univ-paris13.fr/parties/publications/minimal-scheduling.git && cd minimal-scheduling
```

## Folder Structure

Jaime Arias's avatar
Jaime Arias committed
12
13
14
15
16
17
18
19
20
21
22
23
24
25
```
.
└── results                # folder with the ADTree models and the minimal assignments
    ├── iot-dev            # compromise IoT device
    │   ├── assignment
    │   └── model
    ├── toy-example        # model with many parallel assignments
    │   ├── assignment
    │   └── model
    └── treasure-hunters   # steal a treasure in a museum
        ├── assignment
        └── model
```

Jaime Arias's avatar
Jaime Arias committed
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
## Results

### Treasure Hunters

It models thieves that try to steal a treasure in a museum. To achieve their
goal, they first must access the treasure room, which involves bribing a
guard (b), and forcing the secure door (f). Both actions are costly and take
some time. Two coalitions are possible: either a single thief has to carry
out both actions, or a second thief could be hired to parallelise b and f.
After these actions succeed the attacker/s can steal the treasure (ST), which
takes a little time for opening its display stand and putting it in a bag. If
the two-thieves coalition is used, we encode in ST an extra 90 € to hire the
second thief — the computation function of the gate can handle this plurality
— else ST incurs no extra cost. Then the thieves are ready to flee (TF),
choosing an escape route to get away (GA): this can be a spectacular escape
in a helicopter (h), or a mundane one via the emergency exit (e). The
helicopter is expensive but fast while the emergency exit is slower but at no
cost. Furthermore, the time to perform a successful escape could depend on
the number of agents involved in the robbery. Again, this can be encoded via
computation functions in gate GA.

As soon as the treasure room is penetrated (i.e. after b and f but before ST)
an alarm goes off at the police station, so while the thieves flee the police
hurries to intervene (p). The treasure is then successfully stolen iff the
thieves have fled and the police failed to arrive or does so too late. This
last possibility is captured by the condition associated with the treasure
stolen gate (TS), which states that the arrival time of the police must be
greater than the time for the thieves to steal the treasure and go away.

Jaime Arias's avatar
Jaime Arias committed
55
56
#### ADTree model

Jaime Arias's avatar
Jaime Arias committed
57
58
![Treasure Hunters ADTree](results/treasure-hunters/model/treasure-hunters.png)

Jaime Arias's avatar
Jaime Arias committed
59
#### Minimal Scheduling
60
61
62
63
64

![treasure-hunters Assignment](results/treasure-hunters/assignment/treasure-hunters_scheduling.png)

### Toy Example

Jaime Arias's avatar
Jaime Arias committed
65
66
#### ADTree model

67
![toy-example ADTree](results/toy-example/model/toy-example.png)
Jaime Arias's avatar
Jaime Arias committed
68

Jaime Arias's avatar
Jaime Arias committed
69
#### Minimal Scheduling
70
71
72

![toy-example Assignment](results/toy-example/assignment/toy-example_scheduling.png)

Jaime Arias's avatar
Jaime Arias committed
73
74
75
76
77
78
79
80
### Compromise IoT device (iot-dev)

This model describes an attack to an Internet-of-Things (IoT) device either
via wireless or wired LAN. Once the attacker gains access to the private
network and has acquired the corresponding credentials, it can exploit a
software vulnerability in the IoT device to run a malicious script. Our
ADTree adds defence nodes on top of the attack trees used in [4].

Jaime Arias's avatar
Jaime Arias committed
81
82
#### ADTree model

Jaime Arias's avatar
Jaime Arias committed
83
84
![iot-dev ADTree](results/iot-dev/model/iot-dev.png)

Jaime Arias's avatar
Jaime Arias committed
85
#### Minimal Scheduling
Jaime Arias's avatar
Jaime Arias committed
86

87
![iot-dev Assignment](results/iot-dev/assignment/iot-dev_scheduling.png)
Jaime Arias's avatar
Jaime Arias committed
88
89
90
91
92
93
94
95

## Authors

- Jaime Arias (LIPN, CNRS UMR 7030, Université Sorbonne Paris Nord)
- Wojciech Penczek (Institute of Computer Science, PAS, Warsaw University of Technology)
- Laure Petrucci (LIPN, CNRS UMR 7030, Université Sorbonne Paris Nord)
- Teofil Sidoruk (Institute of Computer Science, PAS, Warsaw University of Technology)

Jaime Arias's avatar
Jaime Arias committed
96
## Abstract