Attack Analysis Methodologies
| dc.contributor.author | Reza Esmaeili, Seyed | |
| dc.contributor.author | Soltani Esterabadi, Afshin | |
| dc.contributor.department | Chalmers tekniska högskola / Institutionen för data och informationsteknik | sv |
| dc.contributor.examiner | Olovsson, Tomas | |
| dc.date.accessioned | 2019-12-19T09:28:00Z | |
| dc.date.available | 2019-12-19T09:28:00Z | |
| dc.date.issued | 2019 | sv |
| dc.date.submitted | 2019 | |
| dc.description.abstract | new, hi-tech, automated devices entered our lives, a tendency of moving from the disjointed nature of objects to a more interconnected world has emerged. Although such need of interconnection was originated in the IT industry and with the Internet of Things (IoT), automotive industry was also affected by such a trend. Connected, electric, highly-automated and autonomous vehicles are making their way into our lives. As a result of this paradigm shift, new security challenges are introduced in the automotive industry. Vehicles are comprised of tens or sometimes a hundred of computers, also known as Electronic Control Units (ECUs) that need to communicate and be interconnected in order for the vehicle to function properly. Protecting vehicles from potential threats and attacks that may compromise the security and consequently the safety of both the vehicle and the passenger is of great importance. Hence, a comprehensible attack analysis methodology is needed to model the possible attacks in vehicles. Attack analysis is part of the risk assessment process. To have an accurate risk analysis, two factors are needed: first, the impact of an attack vector, which is not the subject of this thesis, and second, the feasibility of an attack path which is what we address as a part of our thesis using the nominated attack analysis methodology. In this thesis, we investigate existing methodologies for modelling attacks and try to nominate one that is most suitable for the automotive industry. This judgement is based on a list of criteria that are collected either through surveying previous related works or through interviewing industrial and academic experts. Once the methodology is nominated, we introduce a method for calculating the feasibility of different possible attack paths using the proposed methodology. Finally, we use some use cases by means of which we demonstrate how our nominated method can be used to model attacks against some assets and how the feasibility of each attack vector can be calculated for the use cases. | sv |
| dc.identifier.coursecode | DATX05 | sv |
| dc.identifier.uri | https://hdl.handle.net/20.500.12380/300610 | |
| dc.language.iso | eng | sv |
| dc.setspec.uppsok | Technology | |
| dc.subject | Automotive | sv |
| dc.subject | Cybersecurity | sv |
| dc.subject | Cyberattack | sv |
| dc.subject | Attack surface | sv |
| dc.subject | Attack analysis | sv |
| dc.subject | Risk assessment | sv |
| dc.subject | Threat analysis | sv |
| dc.subject | Attack feasibility | sv |
| dc.subject | Attack potentials. | sv |
| dc.title | Attack Analysis Methodologies | sv |
| dc.type.degree | Examensarbete för masterexamen | sv |
| dc.type.uppsok | H |
Ladda ner
Original bundle
1 - 1 av 1
Hämtar...
- Namn:
- CSE 19-103 ODR Esmaeili Esterabadi.pdf
- Storlek:
- 3.17 MB
- Format:
- Adobe Portable Document Format
- Beskrivning:
- CSE 19-103 Esmaeili Esterabadi
License bundle
1 - 1 av 1
Hämtar...
- Namn:
- license.txt
- Storlek:
- 1.14 KB
- Format:
- Item-specific license agreed upon to submission
- Beskrivning: