2012
DOI: 10.4018/jsse.2012040101
|View full text |Cite
|
Sign up to set email alerts
|

Attribute Decoration of Attack–Defense Trees

Abstract: Attack-defense trees can be used as part of threat and risk analysis for system development and maintenance. They are an extension of attack trees with defense measures. Moreover, tree nodes can be decorated with attributes, such as probability, impact and penalty, to increase the expressiveness of the model. Attribute values are typically assigned based on cognitive estimations and historically recorded events. This paper presents a practical case study with attack-defense trees. First, we create an attack-de… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
2

Citation Types

0
57
0

Year Published

2014
2014
2021
2021

Publication Types

Select...
6
1
1

Relationship

2
6

Authors

Journals

citations
Cited by 54 publications
(57 citation statements)
references
References 25 publications
0
57
0
Order By: Relevance
“…In [16], we have proven that the analysis of attack-defense trees is computationally not more expensive than the analysis of attack trees. Furthermore, the usefulness of attack-defense trees for the analysis of real-world security problems has been validated in a large industrial case study [2]. These results show that attack-defense trees have the potential to become an efficient and practical security modeling and risk assessment tool.…”
Section: Introductionmentioning
confidence: 83%
“…In [16], we have proven that the analysis of attack-defense trees is computationally not more expensive than the analysis of attack trees. Furthermore, the usefulness of attack-defense trees for the analysis of real-world security problems has been validated in a large industrial case study [2]. These results show that attack-defense trees have the potential to become an efficient and practical security modeling and risk assessment tool.…”
Section: Introductionmentioning
confidence: 83%
“…They identified rules for which extending attack trees did not increase computational complexity. Bagnato et al [19] also used attack-defense trees, which focus on how attackers and defenders relate, to identify risk to an RFID system in a case study. Based on their model, they were able to identify guidelines to adhere to when using similar strategies.…”
Section: Attack Graph Modelsmentioning
confidence: 99%
“…This is done in order to enhance the expressive capability of the model. The values of the characteristics are determined based on cognitive assessment and historical events [19].…”
Section: Attack Graph Modelsmentioning
confidence: 99%
“…Kordy et al [16] provide a survey on attack trees and related formalisms. While basic quantitative analysis, i.e., a bottom-up computation for a single parameter (e.g., cost, probability or time of an attack), can be performed directly on attack trees [4], several proposals exist to extend the basic attack tree formalism in order to support better analysis. For example, Buldas et al [6], Jürgenson and Willemson [14] introduced multi-parameter attack trees with interdependent variables; Dalton et al [7] have proposed analysing attack trees as Generalized Stochastic Petri Nets; Arnold et al [2] applied interactive Input/Output Markov Chains to enhance temporal and stochastic dependencies analysis in attack trees.…”
Section: Introductionmentioning
confidence: 99%
“…For example, burglarresistance classes for physical security mechanisms, such as doors and windows, define how much time an attacker equipped with certain tools needs to spend on the intrusion [25]. Explicit consideration of defenses in the analysis allows the domain experts to get a better picture of the scenario [4,15]. Recently, Hermanns et al [12] have created the attack-defense-diagrams formalism extending attackedefense trees with trigger and reset gates, which allow expressing temporal behaviours.…”
Section: Introductionmentioning
confidence: 99%