Skip to content

Latest commit

 

History

History
109 lines (91 loc) · 8.06 KB

attack-tree.md

File metadata and controls

109 lines (91 loc) · 8.06 KB

Attack Tree Analysis for quantconnect/lean

Objective: Manipulate Trading Outcomes OR Steal Funds/Data

Attack Tree Visualization

Goal: Manipulate Trading Outcomes OR Steal Funds/Data ├── 1. Manipulate Trading Outcomes │ ├── 1.1 Inject Malicious Algorithm Code [HIGH RISK] │ │ ├── 1.1.1 Compromise Algorithm Source (External) [CRITICAL] │ │ │ ├── 1.1.1.1 Exploit Vulnerabilities in Deployment Pipeline (e.g., CI/CD) [HIGH RISK] │ │ │ └── 1.1.1.2 Social Engineering of Developers/Admins [HIGH RISK] │ ├── 1.2 Manipulate Market Data Feeds [HIGH RISK] │ │ ├── 1.2.1 Compromise Data Provider API [CRITICAL] │ │ │ ├── 1.2.1.1 Exploit API Vulnerabilities (e.g., weak authentication, injection) [HIGH RISK] │ ├── 1.3 Interfere with Order Execution [HIGH RISK] │ │ ├── 1.3.1 Compromise Brokerage API [CRITICAL] │ │ │ ├── 1.3.1.1 Exploit API Vulnerabilities (similar to 1.2.1.1) [HIGH RISK] ├── 2. Steal Funds/Data │ ├── 2.1 Exfiltrate API Keys/Credentials [HIGH RISK] │ │ ├── 2.1.1 Access Configuration Files (if stored insecurely) [HIGH RISK][CRITICAL] │ └── 2.4 Directly Transfer Funds (Requires Brokerage API Access) [HIGH RISK] │ ├── 2.4.1 Compromise Brokerage API [CRITICAL] │ │ ├── 1.3.1.1 Exploit API Vulnerabilities (Note: same as 1.3.1.1) [HIGH RISK]

Attack Tree Path: Inject Malicious Algorithm Code (1.1) [HIGH RISK]

  • Overall Description: The attacker aims to introduce malicious code into the trading algorithm, allowing them to control trading decisions, manipulate results, or steal data.

    • 1.1.1 Compromise Algorithm Source (External) [CRITICAL]
      • Description: The attacker gains unauthorized access to the source code of the trading algorithm before it is loaded into Lean.
      • Attack Vectors:
        • 1.1.1.1 Exploit Vulnerabilities in Deployment Pipeline (e.g., CI/CD) [HIGH RISK]
          • Description: The attacker exploits weaknesses in the Continuous Integration/Continuous Deployment pipeline to inject malicious code.
          • Example: Weak access controls on the CI/CD server, vulnerable build tools, compromised build scripts, lack of code signing.
          • Likelihood: Medium
          • Impact: High
          • Effort: Medium to High
          • Skill Level: Intermediate to Advanced
          • Detection Difficulty: Medium
        • 1.1.1.2 Social Engineering of Developers/Admins [HIGH RISK]
          • Description: The attacker uses social engineering techniques (phishing, pretexting, baiting) to trick developers or administrators into revealing credentials, installing malware, or granting access to the source code.
          • Example: A phishing email impersonating a trusted source, a phone call requesting sensitive information, a malicious USB drive left in a common area.
          • Likelihood: Medium
          • Impact: High
          • Effort: Low to Medium
          • Skill Level: Intermediate
          • Detection Difficulty: Hard

Attack Tree Path: Manipulate Market Data Feeds (1.2) [HIGH RISK]

  • Overall Description: The attacker aims to provide false or manipulated market data to the trading algorithm, causing it to make incorrect trading decisions.

    • 1.2.1 Compromise Data Provider API [CRITICAL]
      • Description: The attacker gains unauthorized access to the API of the data provider used by Lean.
      • Attack Vectors:
        • 1.2.1.1 Exploit API Vulnerabilities (e.g., weak authentication, injection) [HIGH RISK]
          • Description: The attacker exploits vulnerabilities in the data provider's API, such as weak authentication, lack of input validation, or SQL injection, to inject false data or gain unauthorized access.
          • Example: Using default or weak API keys, exploiting a SQL injection vulnerability to modify data, sending crafted requests to bypass authentication.
          • Likelihood: Medium
          • Impact: High
          • Effort: Medium to High
          • Skill Level: Intermediate to Advanced
          • Detection Difficulty: Medium

Attack Tree Path: Interfere with Order Execution (1.3) [HIGH RISK]

  • Overall Description: The attacker aims to disrupt or manipulate the order execution process, causing orders to be placed incorrectly, canceled, or delayed.

    • 1.3.1 Compromise Brokerage API [CRITICAL]
      • Description: The attacker gains unauthorized access to the API of the brokerage used by Lean.
      • Attack Vectors:
        • 1.3.1.1 Exploit API Vulnerabilities (similar to 1.2.1.1) [HIGH RISK]
          • Description: The attacker exploits vulnerabilities in the brokerage's API, such as weak authentication, lack of input validation, or other security flaws, to place unauthorized orders, cancel orders, or gain access to account information.
          • Example: Using stolen API keys, exploiting a cross-site scripting (XSS) vulnerability to inject malicious code, sending crafted requests to bypass authorization.
          • Likelihood: Medium
          • Impact: High to Very High
          • Effort: Medium to High
          • Skill Level: Intermediate to Advanced
          • Detection Difficulty: Medium

Attack Tree Path: Exfiltrate API Keys/Credentials (2.1) [HIGH RISK]

  • Overall Description: The attacker aims to steal API keys, passwords, or other credentials that grant access to the data provider, brokerage, or other sensitive resources.

    • 2.1.1 Access Configuration Files (if stored insecurely) [HIGH RISK][CRITICAL]
      • Description: The attacker gains access to configuration files that contain sensitive credentials stored in plain text or weakly encrypted.
      • Example: Accessing a configuration file stored on a publicly accessible web server, finding credentials hardcoded in the source code, exploiting a file inclusion vulnerability to read the configuration file.
      • Likelihood: Medium
      • Impact: Very High
      • Effort: Low
      • Skill Level: Novice to Intermediate
      • Detection Difficulty: Easy

Attack Tree Path: Directly Transfer Funds (2.4) [HIGH RISK]

  • Overall Description: The attacker aims to directly transfer funds out of brokerage account. * 2.4.1 Compromise Brokerage API [CRITICAL]
    • Description: The attacker gains unauthorized access to the API of the brokerage used by Lean.
    • Attack Vectors:
      • 1.3.1.1 Exploit API Vulnerabilities (Note: same as 1.3.1.1) [HIGH RISK]
        • Description: The attacker exploits vulnerabilities in the brokerage's API, such as weak authentication, lack of input validation, or other security flaws, to place unauthorized orders, cancel orders, or gain access to account information, including ability to transfer funds.
        • Example: Using stolen API keys, exploiting a cross-site scripting (XSS) vulnerability to inject malicious code, sending crafted requests to bypass authorization.
        • Likelihood: Medium
        • Impact: Very High
        • Effort: Medium to High
        • Skill Level: Intermediate to Advanced
        • Detection Difficulty: Medium