Attack propagation and response in digital service chains

This thesis deals with the detection of multi-step attack and strategies to mitigate them within Digital Service Chains (DSCs), a framework increasingly adopted by Digital Service Providers (DSPs) to integrate various digital components like IoT, software and cloud infrastructure. While DSCs offer significant advantages in terms of scalability and flexibility, they also introduce security challenges, making difficult to isolate and mitigate threats. To address these challenges, this work proposed an innovative approach based on TAMELESS (Threat & Attack ModEL Smart System) framework. TAMELESS is designed to detect threats by determine if a system is secure through the study of its components and their security properties. An important element of this thesis is the inclusion of Common Vulnerabilities and Exposure (CVEs) within the multi-step attack scenario. The work also proposes a threat model for CVEs that can be used to automate the analysis of vulnerabilities in the TAMELSS framework. The modifications made to TAMELESS involve focus exclusively on the cyber aspect of threats, integrating CVEs to reinforce vulnerability analysis and add functionalities for managing patches. The patch management ensure that once vulnerabilities are identified and patched, they are neutralized, reducing the risk of threats. The obtained result demonstrates the efficiency of the modified TAMELESS framework in identifying threats, analyzing attack patch and mitigating the risk associated with multi-step attacks. This work provides an advanced approach to make DSCs more secure in an interconnected environment, offering a robust framework for future developments in threat detection and response strategies.