Metamodel for Attackers and System Vulnerabilities
A metamodel to model the attacker’s capabilities and the vulnerabilities of the system. This can then be used to determine the potential weak spots after a new vulnerability is identified or to find attack paths to old vulnerable legacy elements such as essential components without security support. Our modelling approach is based on the commonly known vulnerability classifications Common Weakness Enumeration (CWE), Common Vulnerabilities and Exposures (CVE), and Common Vulnerability Scoring System (CVSS).
Specurity Aspects
Name
Description
Describes expected vulnerabilities for elements (based on CVE/CWE)
Specification Elements
Name
Description
An attack exploiting a common weakness
An attack exploiting a common vulnerability
A vulnerability related to a common weakness
A vulnerability related to a common vulnerability
An attacker with capabilities, the attacks it performs, and the assets it compromises.
An attacker can gather data during the propagation, which is stored as a list of CompromisedData.
This describes the impact on confidentiality for exploiting this element: None would leak no additional data, and High would indicate that data is leaked.
This describes whether the attacks needs to be local or not. For instance, if there is a local vulnerability on the storage server in our running example, an attacker would need to be already in the deployed components on this server. However, in case of a network vulnerability, the attacker could attack the hardware resource from any element in the system.
This describes whether certain credentials are necessary to exploit the attack: None would require no credentials, Authenticated would require the ones necessary to access the element.
Security Aspects
Attacker Capabilities
Describes expected vulnerabilities for elements (based on CVE/CWE)- Specification Elements:
- Attacker
- AttackVector
- CompromisedData
- ConfidentialityImpact
- CVEAttack
- CVEVulnerability
- CWEAttack
- CWEVulnerability
- MethodSpecification
- Privileges
- Threats:
- Information Disclosure
Specification Elements
CWEAttack
An attack exploiting a common weakness- Applies to:
CVEAttack
An attack exploiting a common vulnerability- Applies to:
CWEVulnerability
A vulnerability related to a common weakness- Applies to:
CVEVulnerability
A vulnerability related to a common vulnerability- Applies to:
Attacker
An attacker with capabilities, the attacks it performs, and the assets it compromises.- Applies to:
CompromisedData
An attacker can gather data during the propagation, which is stored as a list of CompromisedData.- Applies to:
- Data
ConfidentialityImpact
This describes the impact on confidentiality for exploiting this element: None would leak no additional data, and High would indicate that data is leaked.AttackVector
This describes whether the attacks needs to be local or not. For instance, if there is a local vulnerability on the storage server in our running example, an attacker would need to be already in the deployed components on this server. However, in case of a network vulnerability, the attacker could attack the hardware resource from any element in the system.- Applies to:
- Connection
- Node
Privileges
This describes whether certain credentials are necessary to exploit the attack: None would require no credentials, Authenticated would require the ones necessary to access the element.- Applies to:
- State