
Bridging Two Worlds: Reconciling Practical Risk Assessment Methodologies with Theory of Attack Trees

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 9987)

Abstract

Security risk treatment often requires a complex cost-benefit analysis in order to select countermeasures that optimally reduce risks while incurring minimal costs. According to ISO/IEC 27001, risk treatment relies on catalogues of countermeasures, and the analysts are expected to estimate the residual risks. At the same time, recent advances in attack tree theory provide elegant solutions to this optimization problem. In this paper we propose to bridge the gap between these two worlds by introducing the optimal countermeasure selection problem on attack-defense trees into the TRICK security risk assessment methodology.
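To make the optimization problem the abstract refers to concrete, here is an added worked illustration; it is not code from the paper, from TRICK or from ADTool, and its semantics are the simplest ones that fit the abstract rather than necessarily the paper's own. A small attack-defense tree is evaluated bottom-up (AND nodes multiply success probabilities, OR nodes combine them, leaf steps are assumed independent), each countermeasure scales down the success probability of the node it protects, and residual risk is impact times the probability that the root attack still succeeds. The defender then picks, by exhaustive enumeration, the subset of countermeasures that minimises residual risk within a budget, and the Pareto-efficient cost/risk selections. All node names, probabilities, costs, effectiveness values and the kEUR units are constructed for the example.

```python
from dataclasses import dataclass, field
from itertools import combinations
from typing import FrozenSet, List, Optional, Tuple


@dataclass(frozen=True)
class Countermeasure:
    """A defence attached to one attack node (constructed example, not TRICK's model)."""
    name: str
    cost: float           # assumed: annualised deployment cost, kEUR/year
    effectiveness: float  # assumed: fraction of the node's success probability removed


@dataclass
class AttackNode:
    name: str
    op: str = "LEAF"                      # "LEAF", "AND" or "OR"
    p: float = 0.0                        # success probability of a LEAF step
    children: List["AttackNode"] = field(default_factory=list)
    countermeasure: Optional[Countermeasure] = None


def success_probability(node: AttackNode, deployed: FrozenSet[str]) -> float:
    """Bottom-up evaluation; assumes independent leaf steps (an assumption of this example)."""
    if node.op == "LEAF":
        p = node.p
    elif node.op == "AND":  # every child step must succeed
        p = 1.0
        for child in node.children:
            p *= success_probability(child, deployed)
    elif node.op == "OR":   # any one child step suffices
        fail = 1.0
        for child in node.children:
            fail *= 1.0 - success_probability(child, deployed)
        p = 1.0 - fail
    else:
        raise ValueError(f"unknown operator {node.op!r}")
    cm = node.countermeasure
    if cm is not None and cm.name in deployed:
        p *= 1.0 - cm.effectiveness   # a deployed defence scales down its node
    return p


def countermeasures(node: AttackNode) -> List[Countermeasure]:
    found = [node.countermeasure] if node.countermeasure else []
    for child in node.children:
        found.extend(countermeasures(child))
    return found


def residual_risk(tree: AttackNode, impact: float, deployed: FrozenSet[str]) -> float:
    """Residual risk = impact x probability that the root attack still succeeds."""
    return impact * success_probability(tree, deployed)


def _all_selections(tree, impact):
    cms = countermeasures(tree)
    for k in range(len(cms) + 1):
        for subset in combinations(cms, k):
            names = frozenset(c.name for c in subset)
            yield sum(c.cost for c in subset), residual_risk(tree, impact, names), names


def select_countermeasures(tree, impact, budget) -> Tuple[FrozenSet[str], float, float]:
    """Lowest residual risk within budget, cheapest on ties. Exhaustive search: fine for a
    handful of controls; a real catalogue needs the smarter solvers the paper refers to."""
    best = None
    for cost, risk, names in _all_selections(tree, impact):
        if cost <= budget and (best is None or (risk, cost) < (best[1], best[0])):
            best = (cost, risk, names)
    if best is None:
        raise ValueError("no selection fits the budget")  # unreachable: the empty set costs 0
    cost, risk, names = best
    return names, risk, cost


def pareto_front(tree, impact) -> List[Tuple[float, float, FrozenSet[str]]]:
    """Selections not dominated in both cost and residual risk, sorted by cost."""
    pts = list(_all_selections(tree, impact))
    front = [p for p in pts if not any(
        q[0] <= p[0] and q[1] <= p[1] and (q[0] < p[0] or q[1] < p[1]) for q in pts)]
    return sorted(front, key=lambda p: (p[0], p[1]))


def example_tree() -> AttackNode:
    """Constructed tree: every name, probability, cost and effectiveness value is made up."""
    return AttackNode("Steal customer database", "OR", children=[
        AttackNode("Compromise an admin", "AND", children=[
            AttackNode("Phish admin", p=0.4,
                       countermeasure=Countermeasure("Security awareness training", 5.0, 0.5)),
            AttackNode("Escalate via weak password", p=0.6,
                       countermeasure=Countermeasure("MFA", 20.0, 0.9)),
        ]),
        AttackNode("Exploit unpatched web app", p=0.3,
                   countermeasure=Countermeasure("Patch management", 15.0, 0.8)),
    ])


if __name__ == "__main__":
    tree, impact = example_tree(), 500.0   # assumed impact: kEUR if the root attack succeeds
    print("baseline risk:", residual_risk(tree, impact, frozenset()))
    for budget in (30.0, 40.0):
        names, risk, cost = select_countermeasures(tree, impact, budget)
        print(f"budget {budget}: deploy {sorted(names)} -> risk {risk:.2f}, cost {cost}")
    for cost, risk, names in pareto_front(tree, impact):
        print(f"cost {cost:5.1f}  risk {risk:7.2f}  {sorted(names)}")
```

With a budget of 30 the cheapest selection that best reduces risk is training plus patch management (cost 20, residual risk 86.4 against a baseline of 234); MFA alone costs the same but leaves the web-application path open, which is exactly the kind of interaction between controls that a per-countermeasure catalogue estimate misses and a tree evaluation exposes. The Pareto front is the set of selections an analyst would present when the budget itself is still open.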

The research leading to the results presented in this work received funding from the European Commission’s Seventh Framework Programme (FP7/2007–2013) under grant agreement number 318003 (TREsPASS) and Fonds National de la Recherche Luxembourg under the grant C13/IS/5809105 (ADT2P).



References

  1. Albanese, M., Jajodia, S., Noel, S.: Time-efficient and cost-effective network hardening using attack graphs. In: 2012 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 1–12. IEEE (2012)

  2. Aslanyan, Z., Nielson, F.: Pareto efficient solutions of attack-defence trees. In: Focardi, R., Myers, A. (eds.) POST 2015. LNCS, vol. 9036, pp. 95–114. Springer, Heidelberg (2015)

  3. Bistarelli, S., Fioravanti, F., Peretti, P.: Defense trees for economic evaluation of security investments. In: First International Conference on Availability, Reliability and Security (ARES 2006), 8 pp. IEEE (2006)

  4. Bundesamt für Sicherheit in der Informationstechnik: IT-Grundschutz-Catalogues, 13th version (2013)

  5. Edge, K.S., Dalton, G.C., Raines, R.A., Mills, R.F., et al.: Using attack and protection trees to analyze threats and defenses to homeland security. In: Military Communications Conference 2006 (MILCOM 2006), pp. 1–7. IEEE (2006)

  6. European Organization for Safety of Air Navigation: Threats, pre-controls and post-controls catalogues (2009)

  7. Gadyatskaya, O.: How to generate security cameras: towards defence generation for socio-technical systems. In: Mauw, S., et al. (eds.) GraMSec 2015. LNCS, vol. 9390, pp. 50–65. Springer, Heidelberg (2016). doi:10.1007/978-3-319-29968-6_4

  8. Gadyatskaya, O., Jhawar, R., Kordy, P., Lounis, K., Mauw, S., Trujillo-Rasua, R.: Attack trees for practical security assessment: ranking of attack scenarios with ADTool 2.0. In: Agha, G., Van Houdt, B. (eds.) QEST 2016. LNCS, vol. 9826, pp. 159–162. Springer, Heidelberg (2016). doi:10.1007/978-3-319-43425-4_10

  9. Harpes, C., Adelsbach, A., Zatti, S., Peccia, N.: Quantitative risk assessment with ISAMM on ESA's operations data system. In: Proceedings of TTC (2007)

  10. ISO: 27799:2008 Health informatics - Information security management in health using ISO/IEC 27002 (2008)

  11. ISO/IEC: 27005:2011 Information technology - Security techniques - Information security risk management (2011)

  12. ISO/IEC: 27001:2013 Information technology - Security techniques - Information security management systems - Requirements (2013)

  13. ISO/IEC: 27002:2013 Information technology - Security techniques - Code of practice for information security controls (2013)

  14. ISO/IEC: TR 27019:2013 Information technology - Security techniques - Information security management guidelines based on ISO/IEC 27002 for process control systems specific to the energy utility industry (2013)

  15. Kordy, B., Kordy, P., Mauw, S., Schweitzer, P.: ADTool: security analysis with attack–defense trees. In: Joshi, K., Siegle, M., Stoelinga, M., D'Argenio, P.R. (eds.) QEST 2013. LNCS, vol. 8054, pp. 173–176. Springer, Heidelberg (2013)

  16. Kordy, B., Mauw, S., Radomirović, S., Schweitzer, P.: Attack-defense trees. J. Logic Comput. 24(1), 55–87 (2014)

  17. Mauw, S., Oostdijk, M.: Foundations of attack trees. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 186–198. Springer, Heidelberg (2006)

  18. NATO Research and Technology Organisation (RTO): Improving common security risk analysis (2008)

  19. NIST: Special Publication 800-53 Revision 4. Security and privacy controls for federal information systems and organizations (2013). http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf

  20. NIST: Framework for Improving Critical Infrastructure Cybersecurity (2014)

  21. OWASP: CISO AppSec Guide: Criteria for managing application security risks (2013)

  22. PCI Security Standards Council: Payment Card Industry Data Security Standard (PCI DSS) (2016). https://www.pcisecuritystandards.org/

  23. PwC: The global state of information security survey (2016). http://www.pwc.com/gx/en/issues/cyber-security/information-security-survey.html

  24. Refsdal, A., Solhaug, B., Stølen, K.: Cyber-Risk Management. SpringerBriefs in Computer Science. Springer International Publishing, Heidelberg (2015)

  25. Roy, A., Kim, D.S., Trivedi, K.S.: Scalable optimal countermeasure selection using implicit enumeration on attack countermeasure trees. In: Proceedings of the 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 299–310. IEEE (2012)

  26. Schneier, B.: Attack trees. Dr. Dobb's J. Softw. Tools 24, 21–29 (1999)

  27. TREsPASS: Technology-supported Risk Estimation by Predictive Assessment of Socio-technical Security (2016). http://www.trespass-project.eu/


Author information

Corresponding author: Olga Gadyatskaya.



Copyright information

© 2016 Springer International Publishing AG


Cite this paper

Gadyatskaya, O., Harpes, C., Mauw, S., Muller, C., Muller, S. (2016). Bridging Two Worlds: Reconciling Practical Risk Assessment Methodologies with Theory of Attack Trees. In: Kordy, B., Ekstedt, M., Kim, D. (eds) Graphical Models for Security. GraMSec 2016. Lecture Notes in Computer Science, vol 9987. Springer, Cham. https://doi.org/10.1007/978-3-319-46263-9_5


  • DOI: https://doi.org/10.1007/978-3-319-46263-9_5


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-46262-2

  • Online ISBN: 978-3-319-46263-9

