Abstract
The attack tree technique is an effective method for investigating the threat analysis (TA) problem for known cyber-attacks on the Internet in support of risk assessment. Protection Trees (PT) have therefore been developed to mitigate system weaknesses against attacks. However, existing protection tree schemes provide a converse approach to countering attacks and ignore the interactions between threats and defenses. Accordingly, the present study proposes a new method for solving the threat analysis problem by means of an improved ADT (iADTree) scheme that considers the best defense policy for selecting the countermeasures associated with each attack path. Defense evaluation metrics for each node are used in probabilistic analysis to assist the defender in simulating attack results. Finally, a case of threat analysis of a typical cyber security attack is given to demonstrate our approach.
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wang, P., Liu, JC. (2013). Improvements of Attack-Defense Trees for Threat Analysis. In: Pan, JS., Yang, CN., Lin, CC. (eds) Advances in Intelligent Systems and Applications - Volume 2. Smart Innovation, Systems and Technologies, vol 21. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35473-1_10
DOI: https://doi.org/10.1007/978-3-642-35473-1_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-35472-4
Online ISBN: 978-3-642-35473-1
eBook Packages: Engineering, Engineering (R0)