Serial Model for Attack Tree Computations
In this paper we extend the standard attack tree model by introducing temporal order to the attacker’s decision making process. This will allow us to model the attacker’s behaviour more accurately, since this way it is possible to study his actions related to dropping some of the elementary attacks due to them becoming obsolete based on the previous success/failure results. We propose an efficient algorithm for computing the attacker’s expected outcome based on the given order of the elementary attacks and discuss the pros and cons of considering general rooted directed acyclic graphs instead of plain trees as the foundations for attack modelling.
KeywordsBoolean Function Success Probability Attack Scenario Attack Tree Border Gateway Protocol
Unable to display preview. Download preview PDF.
- 1.Vesely, W., Goldberg, F., Roberts, N., Haasl, D.: Fault Tree Handbook. US Government Printing Office, Systems and Reliability Research, Office of Nuclear Regulatory Research, U.S. Nuclear Regulatory Commission (January 1981)Google Scholar
- 2.Viega, J., McGraw, G.: Building Secure Software: How to Avoid Security Problems the Right Way. Addison Wesley Professional, Reading (2001)Google Scholar
- 3.Moore, A.P., Ellison, R.J., Linger, R.C.: Attack modeling for information security and survivability. Technical Report CMU/SEI-2001-TN-001, Software Engineering Institute (2001)Google Scholar
- 4.Weiss, J.D.: A system security engineering process. In: Proceedings of the 14th National Computer Security Conference, pp. 572–581 (1991)Google Scholar
- 5.Schneier, B.: Attack trees: Modeling security threats. Dr. Dobb’s Journal 24(12), 21–29 (1999)Google Scholar
- 6.Edge, K.S.: A Framework for Analyzing and Mitigating the Vulnerabilities of Complex Systems via Attack and Protection Trees. PhD thesis, Air Force Institute of Technology, Ohio (2007)Google Scholar
- 7.Espedahlen, J.H.: Attack trees describing security in distributed internet-enabled metrology. Master’s thesis, Department of Computer Science and Media Technology, Gjøvik University College (2007)Google Scholar
- 8.Convery, S., Cook, D., Franz, M.: An attack tree for the border gateway protocol. IETF Internet draft (2004), http://www.ietf.org/proceedings/04aug/I-D/draft-ietf-rpsec-bgpattack-00.txt
- 9.Byres, E., Franz, M., Miller, D.: The use of attack trees in assessing vulnerabilities in SCADA systems. In: International Infrastructure Survivability Workshop (IISW 2004), Lisbon, Portugal. IEEE, Los Alamitos (2004)Google Scholar
- 11.Saini, V., Duan, Q., Paruchuri, V.: Threat modeling using attack trees. J. Comput. Small Coll. 23(4), 124–131 (2008)Google Scholar
- 16.Opel, A.: Design and implementation of a support tool for attack trees. Technical report, Otto-von-Guericke University, Internship Thesis (March 2005)Google Scholar
- 17.Jürgenson, A., Willemson, J.: Ründepuud: pooladaptiivne mudel ja ligikaudsed arvutused (in Estonian). Technical Report T-4-4, Cybernetica, Institute of Information Security (2009), http://research.cyber.ee/