Skip to main content
SpringerLink
Log in

Hackers vs. Security: Attack-Defence Trees as Asynchronous Multi-agent Systems

  • Conference paper
  • First Online:
Formal Methods and Software Engineering (ICFEM 2020)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 12531))

Included in the following conference series:

Abstract

Attack-Defence Trees (ADTrees) are a well-suited formalism to assess possible attacks to systems and the efficiency of counter-measures. This paper extends the available ADTree constructs with reactive patterns that cover further security scenarios, and equips all constructs with attributes such as time and cost to allow for quantitative analyses. We model ADTrees as (an extension of) Asynchronous Multi-Agents Systems: EAMAS. The ADTree–EAMAS transformation allows us to quantify the impact of different agents configurations on metrics such as attack time. Using EAMAS also permits parametric verification: we derive constraints for property satisfaction, e.g. the maximum time a defence can take to block an attack. Our approach is exercised on several case studies using the Uppaal and IMITATOR tools. We developed the open-source tool adt2amas implementing our transformation.

This work was partially funded by the NWO project SEQUOIA, the PHC van Gogh project PAMPAS, the BQR project AMoJAS, and the IEA project PARTIES.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. ADT2AMAS. https://depot.lipn.univ-paris13.fr/parties/tools/adt2amas

  2. IMITATOR. https://www.imitator.fr

  3. Alur, R., Henzinger, T., Vardi, M.: Parametric real-time reasoning. In: ACM Symposium on Theory of Computing, pp. 592–601. ACM (1993). https://doi.org/10.1145/167088.167242

  4. André, É., Fribourg, L., Kühne, U., Soulat, R.: IMITATOR 2.5: a tool for analyzing robustness in scheduling problems. In: Giannakopoulou, D., Méry, D. (eds.) FM 2012. LNCS, vol. 7436, pp. 33–36. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32759-9_6

    Chapter  Google Scholar 

  5. André, É., Lime, D., Ramparison, M., Stoelinga, M.: Parametric analyses of attack-fault trees. In: ACSD 2019, pp. 33–42. IEEE (2019). https://doi.org/10.1109/ACSD.2019.00008

  6. Arias, J., Budde, C.E., Penczek, W., Petrucci, L., Sidoruk, T., Stoelinga, M.: Hackers vs. security: attack-defence trees as asynchronous multi-agent systems. HAL (2020). https://hal.archives-ouvertes.fr/hal-02902348

  7. Arnold, F., Guck, D., Kumar, R., Stoelinga, M.: Sequential and parallel attack tree modelling. In: Koornneef, F., van Gulijk, C. (eds.) SAFECOMP 2015. LNCS, vol. 9338, pp. 291–299. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-24249-1_25

    Chapter  Google Scholar 

  8. Aslanyan, Z., Nielson, F.: Pareto efficient solutions of attack-defence trees. In: Focardi, R., Myers, A. (eds.) POST 2015. LNCS, vol. 9036, pp. 95–114. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46666-7_6

    Chapter  Google Scholar 

  9. Aslanyan, Z., Nielson, F., Parker, D.: Quantitative verification and synthesis of attack-defence scenarios. In: CSF 2016, pp. 105–119. IEEE (2016). https://doi.org/10.1109/CSF.2016.15

  10. Buldas, A., Laud, P., Priisalu, J., Saarepera, M., Willemson, J.: Rational choice of security measures via multi-parameter attack trees. In: Lopez, J. (ed.) CRITIS 2006. LNCS, vol. 4347, pp. 235–248. Springer, Heidelberg (2006). https://doi.org/10.1007/11962977_19

    Chapter  Google Scholar 

  11. David, A., Larsen, K.G., Legay, A., Mikučionis, M., Poulsen, D.B.: Uppaal SMC tutorial. Int. J. Softw. Tools Technol. Transf. 17(4), 397–415 (2015). https://doi.org/10.1007/s10009-014-0361-y

    Article  Google Scholar 

  12. Fagin, R., Halpern, J., Moses, Y., Vardi, M.: Reasoning About Knowledge. MIT Press, Cambridge (1995)

    MATH  Google Scholar 

  13. Fila, B., Widel, W.: Efficient attack-defense tree analysis using Pareto attribute domains. In: CSF 2019, pp. 200–215. IEEE (2019). https://doi.org/10.1109/CSF.2019.00021

  14. Gadyatskaya, O., Hansen, R.R., Larsen, K.G., Legay, A., Olesen, M.C., Poulsen, D.B.: Modelling attack-defense trees using timed automata. In: Fränzle, M., Markey, N. (eds.) FORMATS 2016. LNCS, vol. 9884, pp. 35–50. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-44878-7_3

    Chapter  MATH  Google Scholar 

  15. Gribaudo, M., Iacono, M., Marrone, S.: Exploiting Bayesian networks for the analysis of combined attack trees. ENTCS 310, 91–111 (2015). https://doi.org/10.1016/j.entcs.2014.12.014

    Article  Google Scholar 

  16. Hermanns, H., Krämer, J., Krčál, J., Stoelinga, M.: The value of attack-defence diagrams. In: Piessens, F., Viganò, L. (eds.) POST 2016. LNCS, vol. 9635, pp. 163–185. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49635-0_9

    Chapter  Google Scholar 

  17. Jamroga, W., Penczek, W., Dembinski, P., Mazurkiewicz, A.: Towards partial order reductions for strategic ability. In: AAMAS 2018, pp. 156–165. ACM (2018)

    Google Scholar 

  18. Jhawar, R., Kordy, B., Mauw, S., Radomirović, S., Trujillo-Rasua, R.: Attack trees with sequential conjunction. In: Federrath, H., Gollmann, D. (eds.) SEC 2015. IAICT, vol. 455, pp. 339–353. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-18467-8_23

    Chapter  Google Scholar 

  19. Jürgenson, A., Willemson, J.: Computing exact outcomes of multi-parameter attack trees. In: Meersman, R., Tari, Z. (eds.) OTM 2008. LNCS, vol. 5332, pp. 1036–1051. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-88873-4_8

    Chapter  Google Scholar 

  20. Khand, P.: System level security modeling using attack trees. In: 2nd International Conference on Computer, Control and Communication, pp. 1–6 (2009). https://doi.org/10.1109/IC4.2009.4909245

  21. Knapik, M., Penczek, W., Petrucci, L., Sidoruk, T.: Squeezing state spaces of (attack-defence) trees. In: ICECCS 2019. IEEE Computer Society (2019)

    Google Scholar 

  22. Kordy, B., Mauw, S., Radomirović, S., Schweitzer, P.: Attack-defense trees. J. Log. Comput. 24(1), 55–87 (2014). https://doi.org/10.1093/logcom/exs029

    Article  MathSciNet  MATH  Google Scholar 

  23. Kordy, B., Piètre-Cambacédès, L., Schweitzer, P.: DAG-based attack and defense modeling: don’t miss the forest for the attack trees. Comput. Sci. Rev. 13–14, 1–38 (2014). https://doi.org/10.1016/j.cosrev.2014.07.001

    Article  MATH  Google Scholar 

  24. Kumar, R., Ruijters, E., Stoelinga, M.: Quantitative attack tree analysis via priced timed automata. In: Sankaranarayanan, S., Vicario, E. (eds.) FORMATS 2015. LNCS, vol. 9268, pp. 156–171. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-22975-1_11

    Chapter  MATH  Google Scholar 

  25. Kumar, R., et al.: Effective analysis of attack trees: a model-driven approach. In: Russo, A., Schürr, A. (eds.) FASE 2018. LNCS, vol. 10802, pp. 56–73. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-89363-1_4

    Chapter  Google Scholar 

  26. Kumar, R., Stoelinga, M.: Quantitative security and safety analysis with attack-fault trees. In: HASE 2017, pp. 25–32. IEEE (2017)

    Google Scholar 

  27. Lomuscio, A., Penczek, W., Qu, H.: Partial order reductions for model checking temporal epistemic logics over interleaved multi-agent systems. In: AAMAS 2010, vol. 1–3, pp. 659–666. IFAAMAS (2010)

    Google Scholar 

  28. Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.: Automated generation and analysis of attack graphs. In: Proceedings 2002 IEEE Symposium on Security and Privacy, pp. 273–284 (2002). https://doi.org/10.1109/SECPRI.2002.1004377

  29. Weiss, J.: A system security engineering process. In: Proceedings of the 14th National Computer Security Conference, pp. 572–581 (1991)

    Google Scholar 

  30. Widel, W., Audinot, M., Fila, B., Pinchinat, S.: Beyond 2014: formal methods for attack tree-based security modeling. ACM Comp. Surv. 52(4), 75:1–75:36 (2019). https://doi.org/10.1145/3331524

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. LIPN, CNRS UMR 7030, Université Sorbonne Paris Nord, Sorbonne Paris Cité, Villetaneuse, France

    Jaime Arias & Laure Petrucci

  2. Formal Methods and Tools, University of Twente, Enschede, The Netherlands

    Carlos E. Budde & Mariëlle Stoelinga

  3. Institute of Computer Science, Polish Academy of Sciences, Warsaw, Poland

    Wojciech Penczek & Teofil Sidoruk

  4. Department of Software Science, Radboud University, Nijmegen, The Netherlands

    Mariëlle Stoelinga

  5. Warsaw University of Technology, Warsaw, Poland

    Teofil Sidoruk

Authors
  1. Jaime Arias
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Carlos E. Budde
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Wojciech Penczek
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Laure Petrucci
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Teofil Sidoruk
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Mariëlle Stoelinga
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Carlos E. Budde .

Editor information

Editors and Affiliations

  1. Nanyang Technological University, Singapore, Singapore

    Shang-Wei Lin

  2. School of Information and Communication Technology, Griffith University, Nathan Campus, QLD, Australia

    Zhe Hou

  3. Defence Science and Technology Group, Denver, CO, USA

    Brendan Mahony

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Arias, J., Budde, C.E., Penczek, W., Petrucci, L., Sidoruk, T., Stoelinga, M. (2020). Hackers vs. Security: Attack-Defence Trees as Asynchronous Multi-agent Systems. In: Lin, SW., Hou, Z., Mahony, B. (eds) Formal Methods and Software Engineering. ICFEM 2020. Lecture Notes in Computer Science(), vol 12531. Springer, Cham. https://doi.org/10.1007/978-3-030-63406-3_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-63406-3_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-63405-6

  • Online ISBN: 978-3-030-63406-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation