Attack-Tree Series: A Case for Dynamic Attack Tree Analysis

  • Conference paper
Graphical Models for Security (GraMSec 2019)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 11720)

Abstract

Attack trees are a popular model for security scenario analysis. Yet, they are currently treated in the literature as a static model and are not suitable for dynamic security monitoring. In this paper we introduce attack-tree series, a time-indexed set of attack trees, as a model to capture and visualize the evolution of security scenarios. This model supports changes in the attack tree structure as well as changes in the data values. We introduce the notion of a temperature function as a special type of attribute that expresses the importance of change in the data values. We also introduce a consistency predicate on attack trees to allow inter-relating the evolving scenarios captured as attack trees. Finally, we discuss various application scenarios for attack-tree series and we demonstrate on a case study how the proposed ideas can be implemented to visualize historical trends.

Notes

  1. https://www.association-secure-transactions.eu/tag/atm-crime-report/.

  2. Visualizations and code are published at https://github.com/vilena/atreeseries_viz.

  3. https://attack.mitre.org/.

Corresponding author

Correspondence to Sjouke Mauw.

Copyright information

© 2019 Springer Nature Switzerland AG

Cite this paper

Gadyatskaya, O., Mauw, S. (2019). Attack-Tree Series: A Case for Dynamic Attack Tree Analysis. In: Albanese, M., Horne, R., Probst, C. (eds) Graphical Models for Security. GraMSec 2019. Lecture Notes in Computer Science, vol 11720. Springer, Cham. https://doi.org/10.1007/978-3-030-36537-0_2

  • DOI: https://doi.org/10.1007/978-3-030-36537-0_2

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-36536-3

  • Online ISBN: 978-3-030-36537-0

  • eBook Packages: Computer Science, Computer Science (R0)
