Skip to main content
SpringerLink
Log in
Book cover

International Conference on Decision and Game Theory for Security

GameSec 2013: Decision and Game Theory for Security pp 192–205Cite as

New Efficient Utility Upper Bounds for the Fully Adaptive Model of Attack Trees

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8252))

Abstract

We present a new fully adaptive computational model for attack trees that allows attackers to repeat atomic attacks if they fail and to play on if they are caught and have to pay penalties. The new model allows safer conclusions about the security of real-life systems and is somewhat (computationally) easier to analyze. We show that in the new model optimal strategies always exist and finding the optimal strategy is (just) an np-complete problem. We also present methods to compute adversarial utility estimation and utility upper bound approximated estimation using a bottom-up approach.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Buldas, A., Laud, P., Priisalu, J., Saarepera, M., Willemson, J.: Rational choice of security measures via multi-parameter attack trees. In: López, J. (ed.) CRITIS 2006. LNCS, vol. 4347, pp. 235–248. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  2. Buldas, A., Mägi, T.: Practical security analysis of e-voting systems. In: Miyaji, A., Kikuchi, H., Rannenberg, K. (eds.) IWSEC 2007. LNCS, vol. 4752, pp. 320–335. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  3. Buldas, A., Stepanenko, R.: Upper bounds for adversaries’ utility in attack trees. In: Grossklags, J., Walrand, J. (eds.) GameSec 2012. LNCS, vol. 7638, pp. 98–117. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  4. Jürgenson, A., Willemson, J.: Computing exact outcomes of multi-parameter attack trees. In: Meersman, R., Tari, Z. (eds.) OTM 2008, Part II. LNCS, vol. 5332, pp. 1036–1051. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  5. Jürgenson, A., Willemson, J.: Serial model for attack tree computations. In: Lee, D., Hong, S. (eds.) ICISC 2009. LNCS, vol. 5984, pp. 118–128. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  6. Jürgenson, A., Willemson, J.: Efficient Semantics of Parallel and Serial Models of Attack Trees, TUT (2010)

    Google Scholar 

  7. Luby, M.: Pseudorandomness and Cryptographic Applications. In: Hanson, D.R., Tarjan, R.E. (eds.) Princeton Computer Science Notes. Princeton University Press (1996)

    Google Scholar 

  8. Mauw, S., Oostdijk, M.: Foundations of attack trees. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 186–198. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  9. Niitsoo, M.: Optimal adversary behavior for the serial model of financial attack trees. In: Echizen, I., Kunihiro, N., Sasaki, R. (eds.) IWSEC 2010. LNCS, vol. 6434, pp. 354–370. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Cybernetica AS, Estonia

    Ahto Buldas & Aleksandr Lenin

  2. Guardtime AS, Estonia

    Ahto Buldas

  3. Tallinn University of Technology, Estonia

    Ahto Buldas & Aleksandr Lenin

Authors
  1. Ahto Buldas
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Aleksandr Lenin
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, Missouri University of Science and Technology, 500 West 15th Street, 325B Computer Science Building, 65409, Rolla, MO, USA

    Sajal K. Das

  2. Department of Computer Science, Purdue University, LWSN 2142J, 305 N. University Street, 47907, West Lafayette, IN, USA

    Cristina Nita-Rotaru

  3. Data Seurity and Privacs Lab, University of Texas at Dallas, 800 W. Campbell Road, MS EC31, 75080, Richardson, TX, USA

    Murat Kantarcioglu

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer International Publishing Switzerland

About this paper

Cite this paper

Buldas, A., Lenin, A. (2013). New Efficient Utility Upper Bounds for the Fully Adaptive Model of Attack Trees. In: Das, S.K., Nita-Rotaru, C., Kantarcioglu, M. (eds) Decision and Game Theory for Security. GameSec 2013. Lecture Notes in Computer Science, vol 8252. Springer, Cham. https://doi.org/10.1007/978-3-319-02786-9_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-02786-9_12

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-02785-2

  • Online ISBN: 978-3-319-02786-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation