Skip to main content
SpringerLink
Log in

Quantitative Questions on Attack–Defense Trees

  • Conference paper
Information Security and Cryptology – ICISC 2012 (ICISC 2012)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7839))

Included in the following conference series:

Abstract

Attack–defense trees are a novel methodology for graphical security modeling and assessment. The methodology includes intuitive and formal components that can be used for quantitative analysis of attack–defense scenarios. In practice, we use intuitive questions to ask about aspects of scenarios we are interested in. Formally, a computational procedure, using a bottom-up algorithm, is applied to derive the corresponding numerical values. This paper bridges the gap between the intuitive and the formal way of quantitatively assessing attack–defense scenarios. We discuss how to properly specify a question, so that it can be answered unambiguously. Given a well-specified question, we then show how to derive an appropriate attribute domain which constitutes the corresponding formal model.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Abdulla, P.A., Cederberg, J., Kaati, L.: Analyzing the Security in the GSM Radio Network Using Attack Jungles. In: Margaria, T., Steffen, B. (eds.) ISoLA 2010, Part I. LNCS, vol. 6415, pp. 60–74. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  2. Amenaza: SecurITree, http://www.amenaza.com/ (accessed October 5, 2012)

  3. Amoroso, E.G.: Fundamentals of Computer Security Technology. Prentice-Hall, Inc., Upper Saddle River (1994), http://portal.acm.org/citation.cfm?id=179237

    MATH  Google Scholar 

  4. Baca, D., Petersen, K.: Prioritizing Countermeasures through the Countermeasure Method for Software Security (CM-Sec). In: Ali Babar, M., Vierimaa, M., Oivo, M. (eds.) PROFES 2010. LNCS, vol. 6156, pp. 176–190. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  5. Bagnato, A., Kordy, B., Meland, P.H., Schweitzer, P.: Attribute Decoration of Attack–Defense Trees. International Journal of Secure Software Engineering (IJSSE) 3(2), 1–35 (2012)

    Article  Google Scholar 

  6. Bistarelli, S., Dall’Aglio, M., Peretti, P.: Strategic Games on Defense Trees. In: Dimitrakos, T., Martinelli, F., Ryan, P.Y.A., Schneider, S. (eds.) FAST 2006. LNCS, vol. 4691, pp. 1–15. Springer, Heidelberg (2007), http://www.springerlink.com/content/83115122h9007685/

    Chapter  Google Scholar 

  7. Buldas, A., Laud, P., Priisalu, J., Saarepera, M., Willemson, J.: Rational Choice of Security Measures Via Multi-parameter Attack Trees. In: López, J. (ed.) CRITIS 2006. LNCS, vol. 4347, pp. 235–248. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  8. Byres, E.J., Franz, M., Miller, D.: The Use of Attack Trees in Assessing Vulnerabilities in SCADA Systems. In: International Infrastructure Survivability Workshop (IISW 2004). Institute of Electrical and Electronics Engineers, Lisbon (2004)

    Google Scholar 

  9. Edge, K.S., Dalton II, G.C., Raines, R.A., Mills, R.F.: Using Attack and Protection Trees to Analyze Threats and Defenses to Homeland Security. In: MILCOM, pp. 1–7. IEEE (2006)

    Google Scholar 

  10. Fung, C., Chen, Y.L., Wang, X., Lee, J., Tarquini, R., Anderson, M., Linger, R.: Survivability analysis of distributed systems using attack tree methodology. In: Proceedings of the 2005 IEEE Military Communications Conference, vol. 1, pp. 583–589 (October 2005)

    Google Scholar 

  11. Henniger, O., Apvrille, L., Fuchs, A., Roudier, Y., Ruddle, A., Weyl, B.: Security requirements for automotive on-board networks. In: 9th International Conference on Intelligent Transport Systems Telecommunications (ITST 2009), Lille, pp. 641–646 (October 2009)

    Google Scholar 

  12. Jürgenson, A., Willemson, J.: Computing Exact Outcomes of Multi-parameter Attack Trees. In: Meersman, R., Tari, Z. (eds.) OTM 2008, Part II. LNCS, vol. 5332, pp. 1036–1051. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  13. Kordy, B., Mauw, S., Melissen, M., Schweitzer, P.: Attack–Defense Trees and Two-Player Binary Zero-Sum Extensive Form Games Are Equivalent. In: Alpcan, T., Buttyán, L., Baras, J.S. (eds.) GameSec 2010. LNCS, vol. 6442, pp. 245–256. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  14. Kordy, B., Mauw, S., Radomirović, S., Schweitzer, P.: Foundations of Attack–Defense Trees. In: Degano, P., Etalle, S., Guttman, J. (eds.) FAST 2010. LNCS, vol. 6561, pp. 80–95. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  15. Kordy, B., Mauw, S., Radomirović, S., Schweitzer, P.: Attack–Defense Trees. Journal of Logic and Computation, 1–33 (2012), http://logcom.oxfordjournals.org/content/early/2012/06/21/logcom.exs029.short?rss=1

  16. Kordy, B., Mauw, S., Schweitzer, P.: Quantitative Questions on Attack–Defense Trees. arXiv (2012), http://arxiv.org/abs/1210.8092

  17. Kordy, B., Pouly, M., Schweitzer, P.: Computational Aspects of Attack–Defense Trees. In: Bouvry, P., Kłopotek, M.A., Leprévost, F., Marciniak, M., Mykowiecka, A., Rybiński, H. (eds.) SIIS 2011. LNCS, vol. 7053, pp. 103–116. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  18. Kordy, P., Schweitzer, P.: The ADTool, http://satoss.uni.lu/members/piotr/adtool/index.php (accessed October 12, 2012)

  19. Li, X., Liu, R., Feng, Z., He, K.: Threat modeling-oriented attack path evaluating algorithm. Transactions of Tianjin University 15(3), 162–167 (2009), http://www.springerlink.com/content/v76g872558787214/

    Article  Google Scholar 

  20. Manikas, T.W., Thornton, M.A., Feinstein, D.Y.: Using Multiple-Valued Logic Decision Diagrams to Model System Threat Probabilities. In: 41st IEEE International Symposium on Multiple-Valued Logic (ISMVL 2011), pp. 263–267 (2011)

    Google Scholar 

  21. Mauw, S., Oostdijk, M.: Foundations of Attack Trees. In: Won, D., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 186–198. Springer, Heidelberg (2006), http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.97.1056

    Chapter  Google Scholar 

  22. Piètre-Cambacédès, L., Bouissou, M.: Beyond Attack Trees: Dynamic Security Modeling with Boolean Logic Driven Markov Processes (BDMP). In: European Dependable Computing Conference, pp. 199–208. IEEE Computer Society, Los Alamitos (2010)

    Google Scholar 

  23. Roy, A., Kim, D.S., Trivedi, K.S.: Cyber security analysis using attack countermeasure trees. In: Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research (CSIIRW 2010), pp. 28:1–28:4. ACM, New York (2010), http://doi.acm.org.proxy.bnl.lu/10.1145/1852666.1852698

    Chapter  Google Scholar 

  24. Roy, A., Kim, D.S., Trivedi, K.S.: Attack countermeasure trees (ACT): towards unifying the constructs of attack and defense trees. Security and Communication Networks 5(8), 929–943 (2012), http://dx.doi.org/10.1002/sec.299

    Article  Google Scholar 

  25. Saini, V., Duan, Q., Paruchuri, V.: Threat Modeling Using Attack Trees. J. Computing Small Colleges 23(4), 124–131 (2008), http://portal.acm.org/citation.cfm?id=1352100

    Google Scholar 

  26. Schneier, B.: Attack Trees. Dr. Dobb’s Journal of Software Tools 24(12), 21–29 (1999), http://www.ddj.com/security/184414879

    Google Scholar 

  27. Tanu, E., Arreymbi, J.: An examination of the security implications of the supervisory control and data acquisition (SCADA) system in a mobile networked environment: An augmented vulnerability tree approach. In: Proceedings of Advances in Computing and Technology (AC&T) The School of Computing and Technology 5th Annual Conference. pp. 228–242. University of East London, School of Computing, Information Technology and Engineering (2010), http://hdl.handle.net/10552/994

  28. Wang, J., Whitley, J.N., Phan, R.C.W., Parish, D.J.: Unified Parametrizable Attack Tree. International Journal for Information Security Research 1(1), 20–26 (2011), http://www.infonomics-society.org/IJISR/Unified%20Parametrizable%20Attack%20Tree.pdf

    Google Scholar 

  29. Jürgenson, A., Willemson, J.: Serial Model for Attack Tree Computations. In: Lee, D., Hong, S. (eds.) ICISC 2009. LNCS, vol. 5984, pp. 118–128. Springer, Heidelberg (2010), http://research.cyber.ee/~jan/publ/serialattack.pdf

    Chapter  Google Scholar 

  30. Yager, R.R.: OWA trees and their role in security modeling using attack trees. Inf. Sci. 176(20), 2933–2959 (2006)

    Article  MATH  MathSciNet  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. SnT, University of Luxembourg, Luxembourg

    Barbara Kordy, Sjouke Mauw & Patrick Schweitzer

Authors
  1. Barbara Kordy
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sjouke Mauw
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Patrick Schweitzer
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Engineering, Sejong University, 143-747, Seoul, Korea

    Taekyoung Kwon

  2. School of Computer Science and Engineering, Inha University, 402-751, Incheon, Korea

    Mun-Kyu Lee

  3. National Security Research Institute, 306-600, Daejeon, Korea

    Daesung Kwon

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kordy, B., Mauw, S., Schweitzer, P. (2013). Quantitative Questions on Attack–Defense Trees. In: Kwon, T., Lee, MK., Kwon, D. (eds) Information Security and Cryptology – ICISC 2012. ICISC 2012. Lecture Notes in Computer Science, vol 7839. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-37682-5_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-37682-5_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-37681-8

  • Online ISBN: 978-3-642-37682-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation