A Probabilistic Framework for Security Scenarios with Dependent Actions

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8739)


This work addresses the growing need to perform meaningful probabilistic analysis of security. We propose a framework that integrates the graphical security modeling technique of attack–defense trees with probabilistic information expressed in terms of Bayesian networks. This allows us to perform probabilistic evaluation of attack–defense scenarios involving dependent actions. To improve the efficiency of our computations, we make use of inference algorithms from Bayesian networks and encoding techniques from constraint reasoning. We discuss the algebraic theory underlying our framework and point out several generalizations that are possible thanks to the use of semiring theory.


Keywords: Bayesian Network, Boolean Function, Dependent Action, Defense Tree, Fusion Algorithm





Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  1. University of Luxembourg, SnT, Luxembourg, Luxembourg
  2. INSA/IRISA, Rennes, France
  3. Lucerne University of Applied Sciences and Arts, Horw, Switzerland
