Abstract
The intricacy of socio-technical systems requires a careful planning and utilisation of security resources to ensure uninterrupted, secure and reliable services. Even though many studies have been conducted to understand and model the behaviour of a potential attacker, the detection of crucial security vulnerabilities in such a system still provides a substantial challenge for security engineers. The success of a sophisticated attack crucially depends on two factors: the resources and time available to the attacker; and the stepwise execution of interrelated attack steps. This paper presents an extension of dynamic attack tree models by using both, the sequential and parallel behaviour of AND- and OR-gates. Thereby we take great care to allow the modelling of any kind of temporal and stochastic dependencies which might occur in the model. We demonstrate the applicability on several case studies.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Apvrille, L., Roudier, Y.: SysML-Sec: a model-driven environment for developing secure embedded systems. In: SAR-SSI 2013, 8ĆØme ConfĆ©rence sur la SĆ©curitĆ© des Architectures RĆ©seaux et des SystĆØmes dāInformation, 16ā18 Septembre 2013. Mont-de-Marsan, France, Mont-de-Marsan, France, September 2013
Arnold, F., Belinfante, A., Van der Berg, F., Guck, D., Stoelinga, M.: DFTCalc: a tool for efficient fault tree analysis. In: Bitsch, F., Guiochet, J., KaĆ¢niche, M. (eds.) SAFECOMP. LNCS, vol. 8153, pp. 293ā301. Springer, Heidelberg (2013)
Arnold, F., Hermanns, H., Pulungan, R., Stoelinga, M.: Time-dependent analysis of attacks. In: Abadi, M., Kremer, S. (eds.) POST 2014 (ETAPS 2014). LNCS, vol. 8414, pp. 285ā305. Springer, Heidelberg (2014)
Baier, C., Katoen, J.: Principles of Model Checking. MIT Press, Cambridge (2008)
Boudali, H., Crouzen, P., Stoelinga, M.: A rigorous, compositional, and extensible framework for dynamic fault tree analysis. IEEE Trans. Dependable Secure Comput. 7(2), 128ā143 (2010)
Buckshaw, D.L.: Use of Decision Support Techniques for Information System Risk Management. John Wiley Sons Ltd, UK (2014)
Dalton, G., Mills, R., Colombi, J., Raines, R.: Analyzing attack trees using generalized stochastic petri nets. In: Information Assurance Workshop, 2006 IEEE, pp. 116ā123, June 2006
Evans, S., Heinbuch, D.V., Kyule, E., Piorkowski, J., Wallner, J.: Risk-based systems security engineering: stopping attacks with intention. IEEE Secur. Priv. 2(6), 59ā62 (2004)
Ford, M.D., Keefe, K., LeMay, E., Sanders, W.H., Muehrcke, C.: Implementing the ADVISE security modeling formalism in Mƶbius. In: Proceedings of the 43rd International Conference on Dependable Systems and Networks (DSN), pp. 1ā8 (2013)
Gupta, V., Lam, V., Ramasamy, H.G.V., Sanders, W.H., Singh, S.: Dependability and performance evaluation of intrusion-tolerant server architectures. In: de Lemos, R., Weber, T.S., Camargo Jr., J.B. (eds.) LADC 2003. LNCS, vol. 2847, pp. 81ā101. Springer, Heidelberg (2003)
Haas, P.J.: Stochastic petri nets for modelling and simulation. In: Proceeding of the 36th Conference on Winter Simulation, pp. 101ā112 (2004)
Ingolds, T.R.: Attack tree-based threat risk analysis. Technical report, Amenaza Technologies Ltd (2013)
JĆ¼rgenson, A., Willemson, J.: Computing exact outcomes of multi-parameter attack trees. In: Meersman, R., Tari, Z. (eds.) OTM 2008, Part II. LNCS, vol. 5332, pp. 1036ā1051. Springer, Heidelberg (2008)
Kordy, B., Pietre-Cambacedes, L., Schweitzer, P.: DAG-based attack and defense modeling: Donāt miss the forest for the attack trees. CoRR, abs/1303.7397 (2013)
Kordy, B., Pouly, M., Schweitzer, P.: Computational aspects of attackādefense trees. In: Bouvry, P., KÅopotek, M.A., LeprĆ©vost, F., Marciniak, M., Mykowiecka, A., RybiÅski, H. (eds.) SIIS 2011. LNCS, vol. 7053, pp. 103ā116. Springer, Heidelberg (2012)
Kriaa, S., Bouissou, M., PiĆØtre-CambacĆ©dĆØs, L.: Modeling the stuxnet attack with BDMP: towards more formal risk assessments. In: Proceedings of the 7th International Conference on Risk and Security of Internet and Systems (CRiSIS), pp. 1ā8, October 2012
Leemis, L.M.: Reliability: Probabilistic Models and Statistical Methods. Prentice Hall, Englewood Cliffs (1995)
Mauw, S., Oostdijk, M.: Foundations of attack trees. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 186ā198. Springer, Heidelberg (2006)
McQueen, M., Boyer, W., Flynn, M., Beitel, G.: Quantitative cyber risk reduction estimation methodology for a small scada control system. In: Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS), vol. 9, p. 226, January 2006
Pieters, W., Davarynejad, M.: Calculating adversarial risk from attack trees: control strength and probabilistic attackers. In: Garcia-Alfaro, J., Herrera-JoancomartĆ, J., Lupu, E., Posegga, J., Aldini, A., Martinelli, F., Suri, N. (eds.) DPM/SETOP/QASA 2014. LNCS, vol. 8872, pp. 201ā215. Springer, Heidelberg (2015)
PiĆØtre-CambacĆ©dĆØs, L., Bouissou, M.: Attack and defense modeling with BDMP. In: Kotenko, I., Skormin, V. (eds.) MMM-ACNS 2010. LNCS, vol. 6258, pp. 86ā101. Springer, Heidelberg (2010)
PiĆØtre-CambacĆ©dĆØs, L., Bouissou, M.; Beyond attack trees: dynamic security modeling with boolean logic driven markov processes (BDMP). In: Dependable Computing Conference (EDCC), pp. 199ā208, April 2010
Sanders, W.H., Meyer, J.F.: Stochastic activity networks: formal definitions and concepts. In: Brinksma, E., Hermanns, H., Katoen, J.-P. (eds.) EEF School 2000 and FMPA 2000. LNCS, vol. 2090, pp. 315ā343. Springer, Heidelberg (2001)
Schneier, B.: Attack trees: modeling security threats. Dr. Dobbās J. 24 (1999)
Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.: Automated generation and analysis of attack graphs. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy, 2002, pp. 273ā284 (2002)
Singh, S., Cukier, M., Sanders, W.H.: Probabilistic validation of an intrusion-tolerant replication system. In: Proceedings of the 2003 International Conference on Dependable Systems and Networks (DSN), pp. 615ā624 (2003)
Weiss, J.: A system security engineering process. In: Proceedings of the 14th National Computer Security Conference, vol. 249, October 1991
Acknowledgements
This work has been supported by the EU FP7 project TREsPASS (318003) and by the STW-ProRail partnership program ExploRail under the project ArRangeer (12238).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
Ā© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Arnold, F., Guck, D., Kumar, R., Stoelinga, M. (2015). Sequential and Parallel Attack Tree Modelling. In: Koornneef, F., van Gulijk, C. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2014. Lecture Notes in Computer Science(), vol 9338. Springer, Cham. https://doi.org/10.1007/978-3-319-24249-1_25
Download citation
DOI: https://doi.org/10.1007/978-3-319-24249-1_25
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-24248-4
Online ISBN: 978-3-319-24249-1
eBook Packages: Computer ScienceComputer Science (R0)