Threat modeling-oriented attack path evaluating algorithm
- 70 Downloads
In order to evaluate all attack paths in a threat tree, based on threat modeling theory, a weight distribution algorithm of the root node in a threat tree is designed, which computes threat coefficients of leaf nodes in two ways including threat occurring possibility and the degree of damage. Besides, an algorithm of searching attack path was also obtained in accordence with its definition. Finally, an attack path evaluation system was implemented which can output the threat coefficients of the leaf nodes in a target threat tree, the weight distribution information, and the attack paths. An example threat tree is given to verify the effectiveness of the algorithms.
Keywordsattack tree attack path threat modeling threat coefficient attack path evaluation
Unable to display preview. Download preview PDF.
- Redwine S T. Workshop on secure software engineering education and training [C]. In: Proceedings of Software Engineering Education and Training. Hawaii, USA, 2006. 245.Google Scholar
- Peine H. Rules of thumb for secure software engineering [C]. In: Proceedings of the 27th International Conference on Software Engineering. St. Louis, USA, 2005. 702–703.Google Scholar
- Davis N. Secure Software Development Life Cycle Processes: A Technology Scouting Report [R]. Software Engineering Institute, Carnegie Mellon University, Pittsburgh, 2005.Google Scholar
- Schenier B. Attack trees: Modeling security threats [J]. Dr. Dobb’s Journal, 1999, 12(24): 21–29.Google Scholar
- Mauw S. Foundations of Attack Trees [EB/OL]. http://www.win.tue.nl/~sjouke/, 2005-06-11.
- Moore A P, Ellison R J, Linger R C. Attack Modeling for Information Security and Survivability [R]. Software Engineering Institute, Carnegie Mellon University, Pittsburgh, 2001.Google Scholar
- Dalton G C, Mills R F, Colombi J M et al. Analyzing attack trees using generalized stochastic Petri nets [C]. In: Proceedings of IEEE Workshop on Information Assurance. USA, 2006. 116–123.Google Scholar
- Amenaza Technologies Limited. Hostile Risk Decisions and Capability-based Analysis [EB/OL]. http://www.amenaza.com, 2005-04-12.
- Microsoft ACE Team. Microsoft Threat Analysis and Modeling [EB/OL]. http://msdn.microsoft.com/en-us/security/default.aspx, 2006-01-05.
- Michael Howard, David LeBlanc. Writing Secure Code [M]. 2nd Ed. Microsoft Press, Washington DC, 2002. 43–53.Google Scholar
- Li X H, He K. A unified threat model for assessing threat in web application [C]. In: Proceedings of the Second International Conference on Information Security and Assurance. Korea, 2008. 142–145Google Scholar