Skip to main content
View expanded cover

International Workshop on Security

IWSEC 2017: Advances in Information and Computer Security pp 39–55Cite as

Simple Infeasibility Certificates for Attack Trees

Part of the Lecture Notes in Computer Science book series (LNSC,volume 10418)

Abstract

We introduce infeasibility certificates, compact and easily verifiable proofs that no profitable attacks exist in the considered system model. We introduce computational methods for generation and validation of such proofs using an enhanced weight reduction technique. A new method for obtaining adversarial expenses by approximating an interval within which this value resides, is an interesting approach to tackle NP-complete tasks and allows to obtain values that require extensive computations in reasonable time.

The research leading to these results has received funding from the European Regional Development Fund through Estonian Centre of Excellence in ICT Research (EXCITE) and the Estonian Research Council under Institutional Research Grant IUT27-1.

This is a preview of subscription content, access via your institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-319-64200-0_3
  • Chapter length: 17 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   54.99
Price excludes VAT (USA)
  • ISBN: 978-3-319-64200-0
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   69.99
Price excludes VAT (USA)
Learn about institutional subscriptions
Fig. 1.

References

  1. Ahmadi, A.A., Olshevsky, A., Parrilo, P.A., Tsitsiklis, J.N.: NP-hardness of deciding convexity of quartic polynomials and related problems. Math. Program. 137(1), 453–476 (2013)

    MathSciNet  CrossRef  MATH  Google Scholar 

  2. Buldas, A., Laud, P., Priisalu, J., Saarepera, M., Willemson, J.: Rational choice of security measures via multi-parameter attack trees. In: Lopez, J. (ed.) CRITIS 2006. LNCS, vol. 4347, pp. 235–248. Springer, Heidelberg (2006). doi:10.1007/11962977_19

    CrossRef  Google Scholar 

  3. Buldas, A., Lenin, A.: New efficient utility upper bounds for the fully adaptive model of attack trees. In: Das, S.K., Nita-Rotaru, C., Kantarcioglu, M. (eds.) GameSec 2013. LNCS, vol. 8252, pp. 192–205. Springer, Cham (2013). doi:10.1007/978-3-319-02786-9_12

    CrossRef  Google Scholar 

  4. Buldas, A., Stepanenko, R.: Upper bounds for adversaries’ utility in attack trees. In: Grossklags, J., Walrand, J. (eds.) GameSec 2012. LNCS, vol. 7638, pp. 98–117. Springer, Heidelberg (2012). doi:10.1007/978-3-642-34266-0_6

    CrossRef  Google Scholar 

  5. Blekherman, G., Parrilo, P.A., Thomas, R.R.: Semidefinite Optimization and Convex Algebraic Geometry. Society for Industrial and Applied Mathematics, Philadelphia (2012)

    CrossRef  MATH  Google Scholar 

  6. Boyd, S., Vandenberghe, L.: Convex Optimization. Cambridge University Press, New York (2004)

    CrossRef  MATH  Google Scholar 

  7. Corbineau, P.: A declarative language for the Coq proof assistant. In: Miculan, M., Scagnetto, I., Honsell, F. (eds.) TYPES 2007. LNCS, vol. 4941, pp. 69–84. Springer, Heidelberg (2008). doi:10.1007/978-3-540-68103-8_5

    CrossRef  Google Scholar 

  8. De Loera, J.A., Lee, J., Malkin, P.N., Margulies, S.: Computing infeasibility certificates for combinatorial problems through hilbert’s nullstellensatz. J. Symb. Comput. 46(11), 1260–1283 (2011)

    MathSciNet  CrossRef  MATH  Google Scholar 

  9. Helton, J.W., Nie, J.: Semidefinite representation of convex sets. Math. Program. 122(1), 21–64 (2010)

    MathSciNet  CrossRef  MATH  Google Scholar 

  10. Hillar, C., Lim, L.-H.: Most tensor problems are np-hard. J. ACM 60(6), 4:51–45:39 (2013)

    MathSciNet  CrossRef  MATH  Google Scholar 

  11. Jürgenson, A., Willemson, J.: Computing exact outcomes of multi-parameter attack trees. In: Meersman, R., Tari, Z. (eds.) OTM 2008. LNCS, vol. 5332, pp. 1036–1051. Springer, Heidelberg (2008). doi:10.1007/978-3-540-88873-4_8

    CrossRef  Google Scholar 

  12. Jürgenson, A., Willemson, J.: Serial model for attack tree computations. In: Lee, D., Hong, S. (eds.) ICISC 2009. LNCS, vol. 5984, pp. 118–128. Springer, Heidelberg (2010). doi:10.1007/978-3-642-14423-3_9

    CrossRef  Google Scholar 

  13. Jürgenson, A., Willemson, J.: On fast and approximate attack tree computations. In: Kwak, J., Deng, R.H., Won, Y., Wang, G. (eds.) ISPEC 2010. LNCS, vol. 6047, pp. 56–66. Springer, Heidelberg (2010). doi:10.1007/978-3-642-12827-1_5

    Google Scholar 

  14. Lenin, A.: Reliable and Efficient Determination of the Likelihood of Rational Attacks. TUT Press, Tallinn (2015)

    Google Scholar 

  15. Mauw, S., Oostdijk, M.: Foundations of attack trees. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 186–198. Springer, Heidelberg (2006). doi:10.1007/11734727_17

    CrossRef  Google Scholar 

  16. de Moura, L., Bjørner, N.: Z3: an efficient SMT solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337–340. Springer, Heidelberg (2008). doi:10.1007/978-3-540-78800-3_24

    CrossRef  Google Scholar 

  17. Prajna, S., Papachristodoulou, A., Seiler, P., Parrilo, P.A.: Sostools: Sum of squares optimization toolbox for matlab (2004)

    Google Scholar 

  18. Schneier, B.: Attack trees. Dr. Dobb’s J. Softw. Tools 24(12), 21–22, 24, 26, 28–29, December 1999

    Google Scholar 

  19. Smith, K.E., Kahanpää, L., Kekäläinen, P., et al.: An Invitation to Algebraic Geometry. Universitext. Springer Science + Business Media, New York (2000)

    CrossRef  MATH  Google Scholar 

  20. Stengle, G.: A nullstellensatz and a positivstellensatz in semialgebraic geometry. Math. Ann. 207, 87–98 (1974)

    MathSciNet  CrossRef  MATH  Google Scholar 

  21. Stengle, G.: A nullstellensatz and positivstellensatz in semialgebraic geometry. Math. Ann. 207, 87–97 (1994)

    MathSciNet  CrossRef  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Cybernetica AS, Mäealuse 2/1, Tallinn, Estonia

    Ahto Buldas, Aleksandr Lenin & Jan Willemson

  2. Tallinn University of Technology, Ehitajate Tee 5, Tallinn, Estonia

    Ahto Buldas, Aleksandr Lenin & Anton Charnamord

  3. Software Technology and Applications Competence Centre, Tallinn, Estonia

    Aleksandr Lenin & Jan Willemson

Authors
  1. Ahto Buldas
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Aleksandr Lenin
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jan Willemson
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Anton Charnamord
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Aleksandr Lenin .

Editor information

Editors and Affiliations

  1. Hosei University, Tokyo, Japan

    Satoshi Obana

  2. NTT Corporation, Tokyo, Japan

    Koji Chida

Rights and permissions

Reprints and Permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Buldas, A., Lenin, A., Willemson, J., Charnamord, A. (2017). Simple Infeasibility Certificates for Attack Trees. In: Obana, S., Chida, K. (eds) Advances in Information and Computer Security. IWSEC 2017. Lecture Notes in Computer Science(), vol 10418. Springer, Cham. https://doi.org/10.1007/978-3-319-64200-0_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-64200-0_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-64199-7

  • Online ISBN: 978-3-319-64200-0

  • eBook Packages: Computer ScienceComputer Science (R0)