A Probabilistic Framework for Security Scenarios with Dependent Actions

  • Conference paper
Integrated Formal Methods (IFM 2014)

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 8739)

Abstract

This work addresses the growing need to perform meaningful probabilistic analysis of security. We propose a framework that integrates the graphical security modeling technique of attack–defense trees with probabilistic information expressed in terms of Bayesian networks. This allows us to perform probabilistic evaluation of attack–defense scenarios involving dependent actions. To improve the efficiency of our computations, we make use of inference algorithms from Bayesian networks and encoding techniques from constraint reasoning. We discuss the algebraic theory underlying our framework and point out several generalizations that are possible thanks to the use of semiring theory.


Author information

Corresponding author

Correspondence to Barbara Kordy.

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Kordy, B., Pouly, M., Schweitzer, P. (2014). A Probabilistic Framework for Security Scenarios with Dependent Actions. In: Albert, E., Sekerinski, E. (eds) Integrated Formal Methods. IFM 2014. Lecture Notes in Computer Science, vol 8739. Springer, Cham. https://doi.org/10.1007/978-3-319-10181-1_16

  • DOI: https://doi.org/10.1007/978-3-319-10181-1_16

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-10180-4

  • Online ISBN: 978-3-319-10181-1

  • eBook Packages: Computer Science, Computer Science (R0)