Serial Model for Attack Tree Computations

Jürgenson, Aivo; Willemson, Jan

doi:10.1007/978-3-642-14423-3_9

Serial Model for Attack Tree Computations

Aivo Jürgenson^18,19 &
Jan Willemson²⁰

Conference paper

1373 Accesses
20 Citations

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5984))

Abstract

In this paper we extend the standard attack tree model by introducing temporal order to the attacker’s decision making process. This will allow us to model the attacker’s behaviour more accurately, since this way it is possible to study his actions related to dropping some of the elementary attacks due to them becoming obsolete based on the previous success/failure results. We propose an efficient algorithm for computing the attacker’s expected outcome based on the given order of the elementary attacks and discuss the pros and cons of considering general rooted directed acyclic graphs instead of plain trees as the foundations for attack modelling.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Vesely, W., Goldberg, F., Roberts, N., Haasl, D.: Fault Tree Handbook. US Government Printing Office, Systems and Reliability Research, Office of Nuclear Regulatory Research, U.S. Nuclear Regulatory Commission (January 1981)
Google Scholar
Viega, J., McGraw, G.: Building Secure Software: How to Avoid Security Problems the Right Way. Addison Wesley Professional, Reading (2001)
Google Scholar
Moore, A.P., Ellison, R.J., Linger, R.C.: Attack modeling for information security and survivability. Technical Report CMU/SEI-2001-TN-001, Software Engineering Institute (2001)
Google Scholar
Weiss, J.D.: A system security engineering process. In: Proceedings of the 14th National Computer Security Conference, pp. 572–581 (1991)
Google Scholar
Schneier, B.: Attack trees: Modeling security threats. Dr. Dobb’s Journal 24(12), 21–29 (1999)
Google Scholar
Edge, K.S.: A Framework for Analyzing and Mitigating the Vulnerabilities of Complex Systems via Attack and Protection Trees. PhD thesis, Air Force Institute of Technology, Ohio (2007)
Google Scholar
Espedahlen, J.H.: Attack trees describing security in distributed internet-enabled metrology. Master’s thesis, Department of Computer Science and Media Technology, Gjøvik University College (2007)
Google Scholar
Convery, S., Cook, D., Franz, M.: An attack tree for the border gateway protocol. IETF Internet draft (2004), http://www.ietf.org/proceedings/04aug/I-D/draft-ietf-rpsec-bgpattack-00.txt
Byres, E., Franz, M., Miller, D.: The use of attack trees in assessing vulnerabilities in SCADA systems. In: International Infrastructure Survivability Workshop (IISW 2004), Lisbon, Portugal. IEEE, Los Alamitos (2004)
Google Scholar
Buldas, A., Mägi, T.: Practical security analysis of e-voting systems. In: Miyaji, A., Kikuchi, H., Rannenberg, K. (eds.) IWSEC 2007. LNCS, vol. 4752, pp. 320–335. Springer, Heidelberg (2007)
Chapter Google Scholar
Saini, V., Duan, Q., Paruchuri, V.: Threat modeling using attack trees. J. Comput. Small Coll. 23(4), 124–131 (2008)
Google Scholar
Mauw, S., Oostdijk, M.: Foundations of attack trees. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 186–198. Springer, Heidelberg (2006)
Chapter Google Scholar
Buldas, A., Laud, P., Priisalu, J., Saarepera, M., Willemson, J.: Rational Choice of Security Measures via Multi-Parameter Attack Trees. In: López, J. (ed.) CRITIS 2006. LNCS, vol. 4347, pp. 235–248. Springer, Heidelberg (2006)
Chapter Google Scholar
Jürgenson, A., Willemson, J.: Processing multi-parameter attacktrees with estimated parameter values. In: Miyaji, A., Kikuchi, H., Rannenberg, K. (eds.) IWSEC 2007. LNCS, vol. 4752, pp. 308–319. Springer, Heidelberg (2007)
Chapter Google Scholar
Jürgenson, A., Willemson, J.: Computing exact outcomes of multi-parameter attack trees. In: Meersman, R., Tari, Z. (eds.) OTM 2008, Part II. LNCS, vol. 5332, pp. 1036–1051. Springer, Heidelberg (2008)
Chapter Google Scholar
Opel, A.: Design and implementation of a support tool for attack trees. Technical report, Otto-von-Guericke University, Internship Thesis (March 2005)
Google Scholar
Jürgenson, A., Willemson, J.: Ründepuud: pooladaptiivne mudel ja ligikaudsed arvutused (in Estonian). Technical Report T-4-4, Cybernetica, Institute of Information Security (2009), http://research.cyber.ee/

Download references

Author information

Authors and Affiliations

Tallinn University of Technology, Raja 15, 12618, Tallinn, Estonia
Aivo Jürgenson
Elion Enterprises Ltd, Endla 16, 15033, Tallinn, Estonia
Aivo Jürgenson
Cybernetica, Aleksandri 8a, Tartu, 51004, Estonia
Jan Willemson

Authors

Aivo Jürgenson
View author publications
You can also search for this author in PubMed Google Scholar
Jan Willemson
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

CIST (Center for Information Security Technologies), Korea University Anam Dong, Sungbuk Gu, Seoul, Korea
Donghoon Lee
Center for Information Security Technologies(CIST), Korea University, Seoul, Korea
Seokhie Hong

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Jürgenson, A., Willemson, J. (2010). Serial Model for Attack Tree Computations. In: Lee, D., Hong, S. (eds) Information, Security and Cryptology – ICISC 2009. ICISC 2009. Lecture Notes in Computer Science, vol 5984. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14423-3_9

Download citation

DOI: https://doi.org/10.1007/978-3-642-14423-3_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-14422-6
Online ISBN: 978-3-642-14423-3
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics