Automated Generation of Attack Trees

Vigo, Roberto; Nielson, Flemming; Nielson, Hanne Riis

doi:10.1109/csf.2014.31

Cited by 59 publications

(56 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the example system, both Charlie and Alice own matching assets, so the transformation generates two possible attacks, one using Charlie's card, another using Alice's card. Clearly, the first transformation result does not necessarily represent an attack; generating such unwanted artefacts can either prohibited by restricting permissible actors in the policy, 4 or it can be dealt with in later phases that work on the generated attacks.…”

Section: Transforming the Examplementioning

confidence: 99%

“…The generated attack takes account for all combinations hereof; some parts of the tree can be pruned or simplified in a later phase similar to [4]. Once the card and the pin have been obtained, Charlie moves to the location ATM and inputs the asset cash.…”

Section: Transforming the Examplementioning

confidence: 99%

“…The goal of the defender is then to inhibit one or more of the attack steps, thereby prohibiting the overall attack, or at least making it more difficult or expensive. While attacks trees for purely technical attacks may be constructed by automated means [4,5], for example by scanning networks and identifying software versions, this is currently not possible for attacks exploiting the human factors. Actually, only few, if any, approaches to systematic risk assessment take such "human factor"-based attacks into consideration.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Transforming Graphical System Models to Graphical Attack Models

Ivanova

Probst

Hansen

et al. 2016

Graphical Models for Security

View full text Add to dashboard Cite

Abstract. Manually identifying possible attacks on an organisation is a complex undertaking; many different factors must be considered, and the resulting attack scenarios can be complex and hard to maintain as the organisation changes. System models provide a systematic representation of organisations that helps in structuring attack identification and can integrate physical, virtual, and social components. These models form a solid basis for guiding the manual identification of attack scenarios. Their main benefit, however, is in the analytic generation of attacks. In this work we present a systematic approach to transforming graphical system models to graphical attack models in the form of attack trees. Based on an asset in the model, our transformations result in an attack tree that represents attacks by all possible actors in the model, after which the actor in question has obtained the asset.

show abstract

Section: Transforming the Examplementioning

confidence: 99%

Section: Transforming the Examplementioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Transforming Graphical System Models to Graphical Attack Models

Ivanova

Probst

Hansen

et al. 2016

Graphical Models for Security

View full text Add to dashboard Cite

show abstract

“…Based on these observations, their paper extends dynamic attack tree models using the ordered parallel behavior of AND-and OR-gates. Vigo et al [14] proposed an automated attack tree generator using a static analysis approach. The attack trees are automatically inferred from a process of algebraic specification and Satisfiability Modulo Theories in a syntax-directed fashion while avoiding exponential explosion.…”

Section: Attack Graph Modelsmentioning

confidence: 99%

Attack-Graph Threat Modeling Assessment of Ambulatory Medical Devices

Luckett¹,

McDonald²,

Glisson³

2017

Proceedings of the 50th Hawaii International Conference on System Sciences (2017)

View full text Add to dashboard Cite

show abstract

“…Attack trees provide structure to the represented attacks by relating a node representing the goal of an attack with different alternative or required sub-goals, which an attacker may or must perform. This structure makes attack trees also an appropriate target for automated identification of attacks [4][5][6].…”

Section: Introductionmentioning

confidence: 99%

Understanding How Components of Organisations Contribute to Attacks

Aslanyan

Probst

2016

Secure IT Systems

View full text Add to dashboard Cite

Abstract. Attacks on organisations today explore many different layers, including buildings infrastructure, IT infrastructure, and human factor -the physical, virtual, and social layer. Identifying possible attacks, understanding their impact, and attributing their origin and contributing factors is difficult. Recently, system models have been used for automatically identifying possible attacks on the modelled organisation. The generated attacks consider all three layers, making the contribution of building infrastructure, computer infrastructure, and humans (insiders and outsiders) explicit. However, this contribution is only visible in the attack trees as part of the performed steps; it cannot be mapped back to the model directly since the actions usually involve several elements (attacker and targeted actor or asset). Especially for large attack trees, understanding the relations between several model components quickly results in a large quantity of interrelations, which are hard to grasp. In this work we present several approaches for visualising attributes of attacks such as likelihood of success, impact, and required time or skill level. The resulting visualisations provide a link between attacks on an organisations and the contribution of parts of an organisation to the attack and its impact.

show abstract

Automated Generation of Attack Trees

Cited by 59 publications

References 30 publications

Transforming Graphical System Models to Graphical Attack Models

Transforming Graphical System Models to Graphical Attack Models

Attack-Graph Threat Modeling Assessment of Ambulatory Medical Devices

Understanding How Components of Organisations Contribute to Attacks

Contact Info

Product

Resources

About