Attacker Profiling in Quantitative Security Assessment Based on Attack Trees

  • Aleksandr Lenin
  • Jan Willemson
  • Dyan Permata Sari
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8788)


Providing meaningful estimations for the quantitative annotations on the steps of complex multi-step attacks is hard, as they are jointly influenced by the infrastructure and attacker properties. The paper introduces attacker profiling as the concept of separation of the infrastructure properties from the properties of malicious agents undertaking strategic decisions in the considered environment. We show that attacker profiling may be integrated into existing quantitative security assessment tools without any significant performance penalty. As an example of such integration we introduce the new analysis tool named ApproxTree+ which is an extension of the existing ApproxTree tool, enhancing it by incorporating attacker profiling capabilities into it.


Boolean Function Attack Scenario Attack Tree Initial Population Size Attack Step 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Jürgenson, A., Willemson, J.: On Fast and Approximate Attack Tree Computations. In: Kwak, J., Deng, R.H., Won, Y., Wang, G. (eds.) ISPEC 2010. LNCS, vol. 6047, pp. 56–66. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  2. 2.
    Vesely, W.E., Goldberg, F.F., Roberts, N.H., Haasl, D.F.: Fault Tree Handbook. U.S. Nuclear Regulatory Commission, Washington, DC (1981)Google Scholar
  3. 3.
    Schneier, B.: Attack trees. Dr. Dobb’s Journal of Software Tools 24(12), 21–22, 24, 26, 28–29 (1999)Google Scholar
  4. 4.
    Schumacher, M.: Security Engineering with Patterns. LNCS, vol. 2754. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  5. 5.
    Miede, A., Nedyalkov, N., Gottron, C., König, A., Repp, N., Steinmetz, R.: A Generic Metamodel for IT Security. In: ARES, pp. 430–437. IEEE Computer Society (2010)Google Scholar
  6. 6.
    Trivedi, K.S., Kim, D.S., Roy, A., Medhi, D.: Dependability and Security Models. In: Proceedings of the 7th IEEE International Workshop on the Design of Reliable Communication Networks (DRCN), Washington, DC, pp. 11–20 (October 2009)Google Scholar
  7. 7.
    Schneier, B.: Secrets & Lies: Digital Security in a Networked World, 1st edn. John Wiley & Sons, Inc., New York (2000)Google Scholar
  8. 8.
    Kordy, B., Mauw, S., Radomirović, S., Schweitzer, P.: Attack–Defense Trees. Journal of Logic and Computation 24(1), 55–87 (2014)MathSciNetCrossRefzbMATHGoogle Scholar
  9. 9.
    Buldas, A., Laud, P., Priisalu, J., Saarepera, M., Willemson, J.: Rational Choice of Security Measures Via Multi-parameter Attack Trees. In: López, J. (ed.) CRITIS 2006. LNCS, vol. 4347, pp. 235–248. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  10. 10.
    Jürgenson, A., Willemson, J.: Computing Exact Outcomes of Multi-parameter Attack Trees. In: Meersman, R., Tari, Z. (eds.) OTM 2008, Part II. LNCS, vol. 5332, pp. 1036–1051. Springer, Heidelberg (2008)Google Scholar
  11. 11.
    Jürgenson, A., Willemson, J.: Serial Model for Attack Tree Computations. In: Lee, D., Hong, S. (eds.) ICISC 2009. LNCS, vol. 5984, pp. 118–128. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  12. 12.
    Mauw, S., Oostdijk, M.: Foundations of Attack Trees. In: Won, D., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 186–198. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  13. 13.
    Buldas, A., Stepanenko, R.: Upper Bounds for Adversaries’ Utility in Attack Trees. In: Grossklags, J., Walrand, J. (eds.) GameSec 2012. LNCS, vol. 7638, pp. 98–117. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  14. 14.
    Buldas, A., Lenin, A.: New Efficient Utility Upper Bounds for the Fully Adaptive Model of Attack Trees. In: Das, S.K., Nita-Rotaru, C., Kantarcioglu, M. (eds.) GameSec 2013. LNCS, vol. 8252, pp. 192–205. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  15. 15.
    Kordy, B., Pietre-Cambacedes, L., Schweitzer, P.: DAG-Based Attack and Defense Modeling: Don’t Miss the Forest for the Attack Trees. CoRR abs/1303.7397 (2013)Google Scholar
  16. 16.
    Phillips, C., Swiler, L.P.: A Graph-based System for Network-vulnerability Analysis. In: Proceedings of the 1998 Workshop on New Security Paradigms, NSPW 1998, pp. 71–79. ACM, New York (1998)CrossRefGoogle Scholar
  17. 17.
    “Know Your Enemies” series: Honeynet Project. Know Your Enemy The Tools and Methodologies of the Script Kiddie (July 2000),
  18. 18.
    “Know Your Enemies” series: Honeynet Project. Know Your Enemy II: Tracking the blackhat’s moves (June 2001),
  19. 19.
    “Know Your Enemies” series: Honeynet Project. Know Your Enemy III: They Gain Root (March 2000),
  20. 20.
    Blomquist, A., Arvola, M.: Personas in action: Ethnography in an interaction design team. In: Proceedings of the Second Nordic Conference on Human-computer Interaction, NordiCHI 2002, pp. 197–200. ACM, New York (2002)CrossRefGoogle Scholar
  21. 21.
    Castro, J.W., Acuña, S.T., Juzgado, N.J.: Integrating the Personas Technique into the Requirements Analysis Activity. In: Gelbukh, A.F., Adiba, M.E. (eds.) ENC, pp. 104–112. IEEE Computer Society (2008)Google Scholar
  22. 22.
    Faily, S., Flechais, I.: Barry is not the weakest link: eliciting secure system requirements with personas. In: McEwan, T., McKinnon, L. (eds.) BCS HCI, pp. 124–132. ACM (2010)Google Scholar
  23. 23.
    Faily, S., Flechais, I.: Persona cases: A technique for grounding personas. In: Tan, D.S., Amershi, S., Begole, B., Kellogg, W.A., Tungare, M. (eds.) CHI, pp. 2267–2270. ACM (2011)Google Scholar
  24. 24.
    Pardue, H., Landry, J., Yasinsac, A.: A Risk Assessment Model for Voting Systems using Threat Trees and Monte Carlo Simulation. In: 2009 First International Workshop on Requirements Engineering for e-Voting Systems (RE-VOTE), pp. 55–60 (2009)Google Scholar
  25. 25.
    Sallhammar, K., Knapskog, S.J., Helvik, B.E.: Building a Stochastic Model for Security and Trust Assessment Evaluation (October 2005),
  26. 26.
    Tipton, H., Baker, P.: Official (ISC)2 guide to the CISSP CBK (2010)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Aleksandr Lenin
    • 1
    • 2
  • Jan Willemson
    • 1
  • Dyan Permata Sari
    • 2
  1. 1.Cybernetica ASTallinnEstonia
  2. 2.Tallinn University of TechnologyTallinnEstonia

Personalised recommendations