
Attacker Profiling in Quantitative Security Assessment Based on Attack Trees

  • Conference paper
Secure IT Systems (NordSec 2014)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 8788)


Abstract

Providing meaningful estimations for the quantitative annotations on the steps of complex multi-step attacks is hard, as they are jointly influenced by the infrastructure and attacker properties. The paper introduces attacker profiling as the concept of separating the infrastructure properties from the properties of malicious agents undertaking strategic decisions in the considered environment. We show that attacker profiling may be integrated into existing quantitative security assessment tools without any significant performance penalty. As an example of such integration, we introduce a new analysis tool named ApproxTree+, an extension of the existing ApproxTree tool that adds attacker profiling capabilities.




© 2014 Springer International Publishing Switzerland

Cite this paper

Lenin, A., Willemson, J., Sari, D.P. (2014). Attacker Profiling in Quantitative Security Assessment Based on Attack Trees. In: Bernsmed, K., Fischer-Hübner, S. (eds) Secure IT Systems. NordSec 2014. Lecture Notes in Computer Science, vol 8788. Springer, Cham. https://doi.org/10.1007/978-3-319-11599-3_12


  • DOI: https://doi.org/10.1007/978-3-319-11599-3_12

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-11598-6

  • Online ISBN: 978-3-319-11599-3

  • eBook Packages: Computer Science, Computer Science (R0)
