Detecting Cyber Security Anti-Patterns in System Architecture Models

University essay from KTH/Skolan för elektroteknik och datavetenskap (EECS)

Author: Venkata Ramakrishna Chivukula; [2021]

Abstract: Organizations across the world have been on the receiving end of large-scale cyber-attacks. Over time, the number and the success of these attacks have grown to a high level. To prepare for these attacks, organizations have to test the resilience of their infrastructures. One way to manage the risk of these attacks and to ensure security is the use of threat modeling. Through threat modeling, organizations can analyze their infrastructure and identify vulnerabilities. The vulnerabilities then have to be patched to improve the overall security posture of the organization. When modeled, these vulnerabilities can occur in different forms. Certain vulnerabilities are specific to certain components in the system. On the other hand, some deficiencies occur in conjunction with multiple assets in the infrastructure. These are called structural deficiencies. Identifying and mitigating these structural deficiencies is very important. In this thesis, structural deficiencies are described and a catalog of some deficiencies is built through a survey. The deficiencies and the catalog are developed to work with Foreseeti AB’s securiCAD modeling software. Further, a deficiency model is defined that can enable description and search of these deficiencies in securiCAD models. Using the description model, all occurrences of the deficiency can be found. These occurrences then can be replaced with structural improvements. The improved securiCAD models are then tested with simulations. The results from the simulations show that the structural improvements are useful in significantly reducing the Time-To-Compromise (TTC) of important assets. Using the catalog and the deficiency model, system administrators can identify deficiencies and test the effect of different improvements in the securiCAD model which can then be applied to the actual infrastructure.

