DARPA Information Assurance Program dynamic defense experiment summary

Kewley, D.L.; Bouchard, Julie F.

doi:10.1109/3468.935052

Cited by 33 publications

(20 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…DARPA has run a number of experiments where attack trees have been used, see for instance [25,27]. However, the purpose of these experiments was not to evaluate attack trees, but to evaluate the defence strategies and mechanisms employed by the team or system in responding to attacks from the outside.…”

Section: Attack Treesmentioning

confidence: 99%

Experimental comparison of attack trees and misuse cases for security threat identification

Opdahl

Sindre

2009

Information and Software Technology

109

View full text Add to dashboard Cite

Section: Attack Treesmentioning

confidence: 99%

Experimental comparison of attack trees and misuse cases for security threat identification

Opdahl

Sindre

2009

Information and Software Technology

109

View full text Add to dashboard Cite

“…In red teaming a team of security experts, referred to as the red team, act as attackers and tries to break-in the system by using and developing sophisticated attack tools while another group of experts, referred to as the blue team, lines up to defend the system. Such an exercise was conducted by DARPA under its Information Assurance program which showed the advantages of using red teaming (Wood and Duggan, 1999;Kewley and Bouchard, 2001). A similar antagonistic mutual relationship is found between the inhabitants of natural echo systems, such as the relationships between the plants and the herbivores or hosts and parasites.…”

Section: Coevolutionmentioning

confidence: 99%

Biologically-inspired Complex Adaptive Systems approaches to Network Intrusion Detection

Shafi

Abbass

2007

Information Security Technical Report

View full text Add to dashboard Cite

“…In [4,5], Edge et al modeled an online banking scenario and homeland security via deriving protection trees from ATrees. Following the approach of [7], a methodology to construct ATrees based on the system architecture, risk assessment study outcomes and a security knowledge base is proposed in [14]. This methodology follows a layered approach to generate skeletons of attack trees.…”

Section: Background and Preliminariesmentioning

confidence: 99%

Using Attack-Defense Trees to Analyze Threats and Countermeasures in an ATM: A Case Study

Fraile

Ford²,

Gadyatskaya

et al. 2016

Lecture Notes in Business Information Processing

View full text Add to dashboard Cite

Abstract. Securing automated teller machines (ATMs), as critical and complex infrastructure, requires a precise understanding of the associated threats. This paper reports on the application of attack-defense trees to model and analyze the security of ATMs. We capture the most dangerous multi-stage attack scenarios applicable to ATM structures, and establish a practical experience report, where we reflect on the process of modeling ATM threats via attack-defense trees. In particular, we share our insights into the benefits and drawbacks of attack-defense tree modeling, as well as best practices and lessons learned.

show abstract

DARPA Information Assurance Program dynamic defense experiment summary

Cited by 33 publications

References 13 publications

Experimental comparison of attack trees and misuse cases for security threat identification

Experimental comparison of attack trees and misuse cases for security threat identification

Biologically-inspired Complex Adaptive Systems approaches to Network Intrusion Detection

Using Attack-Defense Trees to Analyze Threats and Countermeasures in an ATM: A Case Study

Contact Info

Product

Resources

About