A Stochastic Framework for Quantitative Analysis of Attack-Defense Trees

Conference paper

DOI: 10.1007/978-3-319-46598-2_10

Part of the Lecture Notes in Computer Science book series (LNCS, volume 9871)
Cite this paper as:
Jhawar R., Lounis K., Mauw S. (2016) A Stochastic Framework for Quantitative Analysis of Attack-Defense Trees. In: Barthe G., Markatos E., Samarati P. (eds) Security and Trust Management. STM 2016. Lecture Notes in Computer Science, vol 9871. Springer, Cham

Abstract

Cyber attacks are becoming increasingly complex, practically sophisticated and organized. Losses due to such attacks are important, varying from the loss of money to business reputation spoilage. Therefore, there is a great need for potential victims of cyber attacks to deploy security solutions that allow the identification and/or prediction of potential cyber attacks, and deploy defenses to face them. In this paper, we propose a framework that incorporates Attack-Defense trees (ADTrees) and Continuous Time Markov Chains (CTMCs) to systematically represent attacks, defenses, and their interaction. This solution allows to perform quantitative security assessment, with an aim to predict and/or identify attacks and find the best and appropriate defenses to reduce the impact of attacks.

Keywords

Attack-Defense Trees Markov chains Security modeling Quantitative analysis 

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  1. 1.CSC/SnTUniversity of LuxembourgLuxembourgLuxembourg

Personalised recommendations