Abstract
Providing meaningful estimations for the quantitative annotations on the steps of complex multi-step attacks is hard, as they are jointly influenced by the infrastructure and attacker properties. The paper introduces attacker profiling as the concept of separating the infrastructure properties from the properties of malicious agents undertaking strategic decisions in the considered environment. We show that attacker profiling may be integrated into existing quantitative security assessment tools without any significant performance penalty. As an example of such integration, we introduce a new analysis tool named ApproxTree+, an extension of the existing ApproxTree tool that adds attacker profiling capabilities.
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Lenin, A., Willemson, J., Sari, D.P. (2014). Attacker Profiling in Quantitative Security Assessment Based on Attack Trees. In: Bernsmed, K., Fischer-Hübner, S. (eds) Secure IT Systems. NordSec 2014. Lecture Notes in Computer Science, vol 8788. Springer, Cham. https://doi.org/10.1007/978-3-319-11599-3_12
DOI: https://doi.org/10.1007/978-3-319-11599-3_12
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-11598-6
Online ISBN: 978-3-319-11599-3
eBook Packages: Computer Science, Computer Science (R0)