Skip to main content
SpringerLink
Log in

Genetic Approximations for the Failure-Free Security Games

  • Conference paper
  • First Online:
Decision and Game Theory for Security (GameSec 2015)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9406))

Included in the following conference series:

Abstract

This paper deals with computational aspects of attack trees, more precisely, evaluating the expected adversarial utility in the failure-free game, where the adversary is allowed to re-run failed atomic attacks an unlimited number of times. It has been shown by Buldas and Lenin that exact evaluation of this utility is an NP-complete problem, so a computationally feasible approximation is needed. In this paper we consider a genetic approach for this challenge. Since genetic algorithms depend on a number of non-trivial parameters, we face a multi-objective optimization problem and we consider several heuristic criteria to solve it.

This research was supported by the European Regional Development Fund through Centre of Excellence in Computer Science (EXCS), the Estonian Research Council under Institutional Research Grant IUT27-1 and the European Union Seventh Framework Programme (FP7/2007–2013) under grant agreement ICT-318003 (TREsPASS). This publication reflects only the authors’ views and the Union is not liable for any use that may be made of the information contained herein.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Vesely, W., Goldberg, F., Roberts, N., Haasl, D.: Fault tree handbook. US Government Printing Office: Systems and Reliability Research, Office of Nuclear Regulatory Research. U.S, Nuclear Regulatory Commission, January 1981

    Google Scholar 

  2. Weiss, J.D.: A system security engineering process. In: Proceedings of the 14th National Computer Security Conference, pp. 572–581 (1991)

    Google Scholar 

  3. Schneier, B.: Attack trees: modeling security threats. Dr. Dobb’s J. 24(12), 21–29 (1999)

    Google Scholar 

  4. Mauw, S., Oostdijk, M.: Foundations of attack trees. In: Kim, S., Won, D.H. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 186–198. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  5. Buldas, A., Laud, P., Priisalu, J., Saarepera, M., Willemson, J.: Rational choice of security measures via multi-parameter attack trees. In: López, J. (ed.) CRITIS 2006. LNCS, vol. 4347, pp. 235–248. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  6. Jürgenson, A., Willemson, J.: Serial model for attack tree computations. In: Lee, D., Hong, S. (eds.) ICISC 2009. LNCS, vol. 5984, pp. 118–128. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  7. Jürgenson, A., Willemson, J.: Computing exact outcomes of multi-parameter attack trees. In: Meersman, R., Tari, Z. (eds.) OTM 2008, Part II. LNCS, vol. 5332, pp. 1036–1051. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  8. Jürgenson, A., Willemson, J.: On fast and approximate attack tree computations. In: Wang, G., Deng, R.H., Won, Y., Kwak, J. (eds.) ISPEC 2010. LNCS, vol. 6047, pp. 56–66. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  9. Lenin, A., Willemson, J., Sari, D.P.: Attacker profiling in quantitative security assessment based on attack trees. In: Bernsmed, K., Fischer-Hübner, S. (eds.) NordSec 2014. LNCS, vol. 8788, pp. 199–212. Springer, Heidelberg (2014)

    Google Scholar 

  10. Buldas, A., Stepanenko, R.: Upper bounds for adversaries’ utility in attack trees. In: Walrand, J., Grossklags, J. (eds.) GameSec 2012. LNCS, vol. 7638, pp. 98–117. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  11. Buldas, A., Lenin, A.: New efficient utility upper bounds for the fully adaptive model of attack trees. In: Das, S.K., Nita-Rotaru, C., Kantarcioglu, M. (eds.) GameSec 2013. LNCS, vol. 8252, pp. 192–205. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  12. Lenin, A., Buldas, A.: Limiting adversarial budget in quantitative security assessment. In: Poovendran, R., Saad, W. (eds.) GameSec 2014. LNCS, vol. 8840, pp. 155–174. Springer, Heidelberg (2014)

    Google Scholar 

  13. Srinivas, M., Patnaik, L.M.: Adaptive probabilities of crossover and mutation in genetic algorithms. IEEE Trans. Syst. Man Cybern. 24(4), 656–667 (1994)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Cybernetica AS, Mäealuse 2/1, Tallinn, Estonia

    Aleksandr Lenin, Jan Willemson & Anton Charnamord

  2. Tallinn University of Technology, Ehitajate Tee 5, Tallinn, Estonia

    Aleksandr Lenin & Anton Charnamord

Authors
  1. Aleksandr Lenin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jan Willemson
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Anton Charnamord
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Aleksandr Lenin .

Editor information

Editors and Affiliations

  1. Queen Mary University of London, London, United Kingdom

    MHR Khouzani

  2. University of Brighton, Brighton, United Kingdom

    Emmanouil Panaousis

  3. Cardiff University, Cardiff, United Kingdom

    George Theodorakopoulos

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Lenin, A., Willemson, J., Charnamord, A. (2015). Genetic Approximations for the Failure-Free Security Games. In: Khouzani, M., Panaousis, E., Theodorakopoulos, G. (eds) Decision and Game Theory for Security. GameSec 2015. Lecture Notes in Computer Science(), vol 9406. Springer, Cham. https://doi.org/10.1007/978-3-319-25594-1_17

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-25594-1_17

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-25593-4

  • Online ISBN: 978-3-319-25594-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation