Skip to main content
SpringerLink
Log in

Sequential and Parallel Attack Tree Modelling

  • Conference paper
  • First Online:
Computer Safety, Reliability, and Security (SAFECOMP 2014)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 9338))

Included in the following conference series:

Abstract

The intricacy of socio-technical systems requires a careful planning and utilisation of security resources to ensure uninterrupted, secure and reliable services. Even though many studies have been conducted to understand and model the behaviour of a potential attacker, the detection of crucial security vulnerabilities in such a system still provides a substantial challenge for security engineers. The success of a sophisticated attack crucially depends on two factors: the resources and time available to the attacker; and the stepwise execution of interrelated attack steps. This paper presents an extension of dynamic attack tree models by using both, the sequential and parallel behaviour of AND- and OR-gates. Thereby we take great care to allow the modelling of any kind of temporal and stochastic dependencies which might occur in the model. We demonstrate the applicability on several case studies.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    http://fmt.ewi.utwente.nl/puptol/atcalc/.

References

  1. Apvrille, L., Roudier, Y.: SysML-Sec: a model-driven environment for developing secure embedded systems. In: SAR-SSI 2013, 8ĆØme ConfĆ©rence sur la SĆ©curitĆ© des Architectures RĆ©seaux et des SystĆØmes dā€™Information, 16ā€“18 Septembre 2013. Mont-de-Marsan, France, Mont-de-Marsan, France, September 2013

    Google ScholarĀ 

  2. Arnold, F., Belinfante, A., Van der Berg, F., Guck, D., Stoelinga, M.: DFTCalc: a tool for efficient fault tree analysis. In: Bitsch, F., Guiochet, J., KaĆ¢niche, M. (eds.) SAFECOMP. LNCS, vol. 8153, pp. 293ā€“301. Springer, Heidelberg (2013)

    ChapterĀ  Google ScholarĀ 

  3. Arnold, F., Hermanns, H., Pulungan, R., Stoelinga, M.: Time-dependent analysis of attacks. In: Abadi, M., Kremer, S. (eds.) POST 2014 (ETAPS 2014). LNCS, vol. 8414, pp. 285ā€“305. Springer, Heidelberg (2014)

    ChapterĀ  Google ScholarĀ 

  4. Baier, C., Katoen, J.: Principles of Model Checking. MIT Press, Cambridge (2008)

    MATHĀ  Google ScholarĀ 

  5. Boudali, H., Crouzen, P., Stoelinga, M.: A rigorous, compositional, and extensible framework for dynamic fault tree analysis. IEEE Trans. Dependable Secure Comput. 7(2), 128ā€“143 (2010)

    ArticleĀ  Google ScholarĀ 

  6. Buckshaw, D.L.: Use of Decision Support Techniques for Information System Risk Management. John Wiley Sons Ltd, UK (2014)

    BookĀ  Google ScholarĀ 

  7. Dalton, G., Mills, R., Colombi, J., Raines, R.: Analyzing attack trees using generalized stochastic petri nets. In: Information Assurance Workshop, 2006 IEEE, pp. 116ā€“123, June 2006

    Google ScholarĀ 

  8. Evans, S., Heinbuch, D.V., Kyule, E., Piorkowski, J., Wallner, J.: Risk-based systems security engineering: stopping attacks with intention. IEEE Secur. Priv. 2(6), 59ā€“62 (2004)

    ArticleĀ  Google ScholarĀ 

  9. Ford, M.D., Keefe, K., LeMay, E., Sanders, W.H., Muehrcke, C.: Implementing the ADVISE security modeling formalism in Mƶbius. In: Proceedings of the 43rd International Conference on Dependable Systems and Networks (DSN), pp. 1ā€“8 (2013)

    Google ScholarĀ 

  10. Gupta, V., Lam, V., Ramasamy, H.G.V., Sanders, W.H., Singh, S.: Dependability and performance evaluation of intrusion-tolerant server architectures. In: de Lemos, R., Weber, T.S., Camargo Jr., J.B. (eds.) LADC 2003. LNCS, vol. 2847, pp. 81ā€“101. Springer, Heidelberg (2003)

    ChapterĀ  Google ScholarĀ 

  11. Haas, P.J.: Stochastic petri nets for modelling and simulation. In: Proceeding of the 36th Conference on Winter Simulation, pp. 101ā€“112 (2004)

    Google ScholarĀ 

  12. Ingolds, T.R.: Attack tree-based threat risk analysis. Technical report, Amenaza Technologies Ltd (2013)

    Google ScholarĀ 

  13. JĆ¼rgenson, A., Willemson, J.: Computing exact outcomes of multi-parameter attack trees. In: Meersman, R., Tari, Z. (eds.) OTM 2008, Part II. LNCS, vol. 5332, pp. 1036ā€“1051. Springer, Heidelberg (2008)

    ChapterĀ  Google ScholarĀ 

  14. Kordy, B., Pietre-Cambacedes, L., Schweitzer, P.: DAG-based attack and defense modeling: Donā€™t miss the forest for the attack trees. CoRR, abs/1303.7397 (2013)

    Google ScholarĀ 

  15. Kordy, B., Pouly, M., Schweitzer, P.: Computational aspects of attackā€“defense trees. In: Bouvry, P., Kłopotek, M.A., LeprĆ©vost, F., Marciniak, M., Mykowiecka, A., Rybiński, H. (eds.) SIIS 2011. LNCS, vol. 7053, pp. 103ā€“116. Springer, Heidelberg (2012)

    ChapterĀ  Google ScholarĀ 

  16. Kriaa, S., Bouissou, M., PiĆØtre-CambacĆ©dĆØs, L.: Modeling the stuxnet attack with BDMP: towards more formal risk assessments. In: Proceedings of the 7th International Conference on Risk and Security of Internet and Systems (CRiSIS), pp. 1ā€“8, October 2012

    Google ScholarĀ 

  17. Leemis, L.M.: Reliability: Probabilistic Models and Statistical Methods. Prentice Hall, Englewood Cliffs (1995)

    MATHĀ  Google ScholarĀ 

  18. Mauw, S., Oostdijk, M.: Foundations of attack trees. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 186ā€“198. Springer, Heidelberg (2006)

    ChapterĀ  Google ScholarĀ 

  19. McQueen, M., Boyer, W., Flynn, M., Beitel, G.: Quantitative cyber risk reduction estimation methodology for a small scada control system. In: Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS), vol. 9, p. 226, January 2006

    Google ScholarĀ 

  20. Pieters, W., Davarynejad, M.: Calculating adversarial risk from attack trees: control strength and probabilistic attackers. In: Garcia-Alfaro, J., Herrera-JoancomartĆ­, J., Lupu, E., Posegga, J., Aldini, A., Martinelli, F., Suri, N. (eds.) DPM/SETOP/QASA 2014. LNCS, vol. 8872, pp. 201ā€“215. Springer, Heidelberg (2015)

    Google ScholarĀ 

  21. PiĆØtre-CambacĆ©dĆØs, L., Bouissou, M.: Attack and defense modeling with BDMP. In: Kotenko, I., Skormin, V. (eds.) MMM-ACNS 2010. LNCS, vol. 6258, pp. 86ā€“101. Springer, Heidelberg (2010)

    ChapterĀ  Google ScholarĀ 

  22. PiĆØtre-CambacĆ©dĆØs, L., Bouissou, M.; Beyond attack trees: dynamic security modeling with boolean logic driven markov processes (BDMP). In: Dependable Computing Conference (EDCC), pp. 199ā€“208, April 2010

    Google ScholarĀ 

  23. Sanders, W.H., Meyer, J.F.: Stochastic activity networks: formal definitions and concepts. In: Brinksma, E., Hermanns, H., Katoen, J.-P. (eds.) EEF School 2000 and FMPA 2000. LNCS, vol. 2090, pp. 315ā€“343. Springer, Heidelberg (2001)

    ChapterĀ  Google ScholarĀ 

  24. Schneier, B.: Attack trees: modeling security threats. Dr. Dobbā€™s J. 24 (1999)

    Google ScholarĀ 

  25. Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.: Automated generation and analysis of attack graphs. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy, 2002, pp. 273ā€“284 (2002)

    Google ScholarĀ 

  26. Singh, S., Cukier, M., Sanders, W.H.: Probabilistic validation of an intrusion-tolerant replication system. In: Proceedings of the 2003 International Conference on Dependable Systems and Networks (DSN), pp. 615ā€“624 (2003)

    Google ScholarĀ 

  27. Weiss, J.: A system security engineering process. In: Proceedings of the 14th National Computer Security Conference, vol. 249, October 1991

    Google ScholarĀ 

Download references

Acknowledgements

This work has been supported by the EU FP7 project TREsPASS (318003) and by the STW-ProRail partnership program ExploRail under the project ArRangeer (12238).

Author information

Authors and Affiliations

  1. Formal Methods and Tools, University of Twente, Enschede, The Netherlands

    Dennis Guck,Ā Rajesh KumarĀ &Ā MariĆ«le Stoelinga

  2. Bayer Technology Services, Leverkusen, Germany

    Florian Arnold

Authors
  1. Florian Arnold
    View author publications

    You can also search for this author in PubMedĀ Google Scholar

  2. Dennis Guck
    View author publications

    You can also search for this author in PubMedĀ Google Scholar

  3. Rajesh Kumar
    View author publications

    You can also search for this author in PubMedĀ Google Scholar

  4. Mariƫle Stoelinga
    View author publications

    You can also search for this author in PubMedĀ Google Scholar

Corresponding author

Correspondence to Dennis Guck .

Editor information

Editors and Affiliations

  1. University of Technology, Delft, The Netherlands

    Floor Koornneef

  2. University of Huddersfield, Huddersfield, United Kingdom

    Coen van Gulijk

Rights and permissions

Reprints and permissions

Copyright information

Ā© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Arnold, F., Guck, D., Kumar, R., Stoelinga, M. (2015). Sequential and Parallel Attack Tree Modelling. In: Koornneef, F., van Gulijk, C. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2014. Lecture Notes in Computer Science(), vol 9338. Springer, Cham. https://doi.org/10.1007/978-3-319-24249-1_25

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-24249-1_25

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-24248-4

  • Online ISBN: 978-3-319-24249-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation