Processing Multi-parameter Attacktrees with Estimated Parameter Values

  • Aivo Jürgenson
  • Jan Willemson
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4752)


Authors extend the multi-parameter attacktree model to include inaccurate or estimated parameter values, which are modelled as probabilistic interval estimations. The paper develops mathematical tools to extend the computation rules of the attacktree model to work with interval estimations instead of point estimates. We present a sample computation routine and discuss how to interpret the analysis results and how to choose the optimal or an economically justified security level.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Parker, D.B.: Fighting Computer Crime: A New Framework for Protecting Information. John Wiley & Sons, Chichester (2001)Google Scholar
  2. 2.
    Geer, D., Hoo, K.S., Jaquith, A.: Information security: Why the future belongs to the quants. IEEE Security and Privacy 1(4), 24–32 (2003)CrossRefGoogle Scholar
  3. 3.
    Sonnenreich, W., Albanese, J., Stout, B.: Return On Security Investment (ROSI) – A practical quantitative model. Journal of Research and Practice in Information Technology 38(1), 55–66 (2006)Google Scholar
  4. 4.
    Rieke, R.: Modelling and analysing network security policies in a given vulnerability setting. In: Lopez, J. (ed.) CRITIS 2006. LNCS, vol. 4347, pp. 67–78. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  5. 5.
    Sheyner, O., Wing, J.: Tools for generating and analyzing attack graphs. In: de Boer, F.S., Bonsangue, M.M., Graf, S., de Roever, W-P. (eds.) FMCO 2003. LNCS, vol. 3188, pp. 344–371. Springer, Heidelberg (2004)Google Scholar
  6. 6.
    Meritt, J.W.: A method for quantitative risk analysis. In: Proceedings of the 22nd National Information Systems Security Conference (1999)Google Scholar
  7. 7.
    Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.: Automated generation and analysis of attack graphs. In: Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA (May 2002)Google Scholar
  8. 8.
    Jha, S., Sheyner, O., Wing, J.: Two formal analyses of attack graphs. In: Proceedings of the 15th IEEE Computer Security Foundations Workshop, pp. 49–63 (2002)Google Scholar
  9. 9.
    Vesely, W., Goldberg, F., Roberts, N., Haasl, D.: Fault Tree Handbook. US Government Printing Office, Systems and Reliability Research, Office of Nuclear Regulatory Research, U.S. Nuclear Regulatory Commission (January 1981)Google Scholar
  10. 10.
    Viega, J., McGraw, G.: Building Secure Software: How to Avoid Security Problems the Right Way. Addison Wesley Professional, Reading (2001)Google Scholar
  11. 11.
    Moore, A.P., Ellison, R.J., Linger, R.C.: Attack modeling for information security and survivability. Technical Report CMU/SEI-2001-TN-001, Software Engineering Institute (2001)Google Scholar
  12. 12.
    Schneier, B.: Attack trees: Modeling security threats. Dr. Dobb’s Journal 24(12), 21–29 (1999)Google Scholar
  13. 13.
    Schneier, B.: Secrets & Lies. Digital Security in a Networked World. John Wiley & Sons, Chichester (2000)Google Scholar
  14. 14.
    Mauw, S., Oostdijk, M.: Foundations of attack trees. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 186–198. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  15. 15.
    Opel, A.: Design and implementation of a support tool for attack trees. Technical report, Otto-von-Guericke University Internship Thesis (March 2005)Google Scholar
  16. 16.
    Buldas, A., Laud, P., Priisalu, J., Saarepera, M., Willemson, J.: Rational Choice of Security Measures via Multi-Parameter Attack Trees. In: Lopez, J. (ed.) CRITIS 2006. LNCS, vol. 4347, pp. 235–248. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  17. 17.
    Qin, X., Lee, W.: Attack plan recognition and prediction using causal networks. In: 20th Annual Computer Security Applications Conference, pp. 370–379 (December 2004)Google Scholar
  18. 18.
    Kleiter, G.D.: Propagating imprecise probabilities in bayesian networks. Artificial Intelligence 88(1-2), 143–161 (1996)zbMATHCrossRefGoogle Scholar
  19. 19.
    Borsotto, M., Zhang, W., Kapanci, E., Pfeffer, A., Crick, C.: A junction tree propagation algorithm for bayesian networks with second-order uncertainties. In: Proceedings of the 18th IEEE International Conference on Tools with Artificial Intelligence, pp. 455–464 (2006)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Aivo Jürgenson
    • 1
    • 2
  • Jan Willemson
    • 3
    • 4
  1. 1.Tallinn University of Technology, Raja 15, 12618 TallinnEstonia
  2. 2.Elion Enterprises Ltd, Endla 16, 15033 TallinnEstonia
  3. 3.Tartu University, Institute of Computer Science, Liivi 2, TartuEstonia
  4. 4.Cybernetica, Aleksandri 8a, TartuEstonia

Personalised recommendations