On Fast and Approximate Attack Tree Computations

  • Aivo Jürgenson
  • Jan Willemson
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6047)

Abstract

In this paper we address the problem of inefficiency of exact attack tree computations. We propose several implementation-level optimizations and introduce a genetic algorithm for fast approximate computations. Our experiments show that for attack trees having fewer than 30 leaves, a confidence level of 89% can be achieved within 2 seconds using this algorithm. The approximation scales very well, and attack trees of practical size (up to 100 leaves) can be analyzed within a few minutes.



Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Aivo Jürgenson (1, 2)
  • Jan Willemson (3)
  1. Tallinn University of Technology, Tallinn, Estonia
  2. Cybernetica, Tallinn, Estonia
  3. Cybernetica, Tartu, Estonia
