A Stochastic Framework for Quantitative Analysis of Attack-Defense Trees

  • Conference paper
  • Security and Trust Management (STM 2016)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 9871)

Abstract

Cyber attacks are becoming increasingly complex, sophisticated and organized. Losses due to such attacks are significant, ranging from loss of money to damage to business reputation. Potential victims of cyber attacks therefore have a great need to deploy security solutions that allow the identification and/or prediction of potential cyber attacks, and to deploy defenses against them. In this paper, we propose a framework that incorporates Attack-Defense trees (ADTrees) and Continuous Time Markov Chains (CTMCs) to systematically represent attacks, defenses, and their interaction. This solution enables quantitative security assessment, with the aim of predicting and/or identifying attacks and finding the best and most appropriate defenses to reduce the impact of attacks.

The research leading to the results presented in this work received funding from the European Commission’s Seventh Framework Programme (FP7/2007–2013) under grant agreement number 318003 (TREsPASS) and Fonds National de la Recherche Luxembourg under the grant C13/IS/5809105 (ADT2P).

Correspondence to Karim Lounis.

Copyright information

© 2016 Springer International Publishing AG

About this paper

Cite this paper

Jhawar, R., Lounis, K., Mauw, S. (2016). A Stochastic Framework for Quantitative Analysis of Attack-Defense Trees. In: Barthe, G., Markatos, E., Samarati, P. (eds) Security and Trust Management. STM 2016. Lecture Notes in Computer Science, vol 9871. Springer, Cham. https://doi.org/10.1007/978-3-319-46598-2_10

  • DOI: https://doi.org/10.1007/978-3-319-46598-2_10

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-46597-5

  • Online ISBN: 978-3-319-46598-2

  • eBook Packages: Computer Science, Computer Science (R0)