Architecture-based Attack Path Analysis for Identifying Potential Security IncidentsFull Paper
Analyzing attacks and potential attack paths can help to identify and avoid potential security incidents. Manually estimating an attack path to a targeted software element can be complex since a software system consists of multiple vulnerable elements, such as components, hardware resources, or network elements. In addition, the elements are protected by access control. Software architecture describes the structural elements of the system, which may form elements of the attack path. However, estimating attack paths is complex since different attack paths can lead to a targeted element. Additionally, not all attack paths might be relevant since attack paths can have different properties based on the attacker’s capabilities and knowledge. We developed an approach that enables architects to identify relevant attack paths based on the software architecture. We created a metamodel for filtering options and added support for describing attack paths in an architectural description language. Based on this metamodel, we developed an analysis that automatically estimates attack paths using the software architecture. This can help architects to identify relevant attack paths to a targeted component and increase the system’s overall security. We evaluated our approach on five different scenarios. Our evaluation goals are to investigate our analysis’s accuracy and scalability. The results suggest a high accuracy and good runtime behavior for smaller architectures.