Jhawar, Ravi ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) ; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
Lounis, Karim ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) ; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
Mauw, Sjouke ; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
Ramirez Cruz, Yunior ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) ; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
External co-authors :
no
Language :
English
Title :
Semi-automatically Augmenting Attack Trees using an Annotated Attack Tree Library
Publication date :
October 2018
Event name :
14th International Workshop on Security and Trust Management
Audinot, M., Pinchinat, S., Kordy, B.: Is my attack tree correct? In: Foley, S.N., Gollmann, D., Snekkenes, E. (eds.) ESORICS 2017 Part I. LNCS, vol. 10492, pp. 83–102. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66402-6 7
Chen, D., Mannin, C.: A fast and accurate dependency parser using neural networks. In: Proceedings of the 2014 Conference on Empirical Methods in Natural Language Processing (EMNLP), pp. 740–750 (2014)
De Marneffe, M.C., Manning, C.D.: Stanford typed dependencies manual. Technical report, Stanford University (2008)
Fraile, M., Ford, M., Gadyatskaya, O., Kumar, R., Stoelinga, M., Trujillo-Rasua, R.: Using attack-defense trees to analyze threats and countermeasures in an ATM: a case study. In: Horkoff, J., Jeusfeld, M.A., Persson, A. (eds.) PoEM 2016. LNBIP, vol. 267, pp. 326–334. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-48393-1 24
Gadyatskaya, O.: How to generate security cameras: towards defence generation for socio-technical systems. In: Mauw, S., Kordy, B., Jajodia, S. (eds.) GraMSec 2015. LNCS, vol. 9390, pp. 50–65. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-29968-6 4
Gadyatskaya, O., Jhawar, R., Mauw, S., Trujillo-Rasua, R., Willemse, T.A.C.: Refinement-aware generation of attack trees. In: Livraga, G., Mitchell, C. (eds.) STM 2017. LNCS, vol. 10547, pp. 164–179. Springer, Cham (2017). https://doi. org/10.1007/978-3-319-68063-7 11
Hansen, R.R., Jensen, P.G., Larsen, K.G., Legay, A., Poulsen, D.B.: Quantitative evaluation of attack defense trees using stochastic timed automata. In: Liu, P., Mauw, S., Stølen, K. (eds.) GraMSec 2017. LNCS, vol. 10744, pp. 75–90. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-74860-3 5
Hong, J.B., Kim, D.S., Takaoka, T.: Scalable attack representation model using logic reduction techniques. In: Proceedings of TrustCom. IEEE (2013)
Ivanova, M.G., Probst, C.W., Hansen, R.R., Kammüller, F.: Transforming graphical system models to graphical attack models. In: Mauw, S., Kordy, B., Jajodia, S. (eds.) GraMSec 2015. LNCS, vol. 9390, pp. 82–96. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-29968-6 6
Jhawar, R., Lounis, K., Mauw, S.: A stochastic framework for quantitative analysis of attack-defense trees. In: Barthe, G., Markatos, E., Samarati, P. (eds.) STM 2016. LNCS, vol. 9871, pp. 138–153. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-46598-2 10
Kordy, B., Mauw, S., Radomirović, S., Schweitzer, P.: Attack-defense trees. J. Log. Comput. 24(1), 55–87 (2014). Oxford University Press
Lounis, K.: Stochastic-based semantics of attack-defense trees for security assessment. Electron. Notes Theor. Comput. Sci. 337, 135–154 (2018)
Lu, W.P., Li, W.M.: Space based information system security risk evaluation based on improved attack trees. In: Proceedings of MINES 2011, pp. 480–483 (2011)
Manning, C.D., Surdeanu, M., Bauer, J., Finkel, J., Bethard, S.J., McClosky, D.: The stanford CoreNLP natural language processing toolkit. In: Association for Computational Linguistics (ACL) System Demonstrations, pp. 55–60 (2014)
Mauw, S., Oostdijk, M.: Foundations of attack trees. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 186–198. Springer, Heidelberg (2006). https://doi.org/10.1007/11734727 17
Piètre-Cambacédès. L., Bouissou, M.: Beyond attack trees: dynamic security modeling with Boolean logic driven markov processes (BDMP). In: Proceedings of EDCC 2010, Los Alamitos, CA, USA, pp. 199–208. IEEE Computer Society (2010)
Pinchinat, S., Acher, M., Vojtisek, D.: ATSyRa: an integrated environment for synthesizing attack trees. In: Mauw, S., Kordy, B., Jajodia, S. (eds.) GraMSec 2015. LNCS, vol. 9390, pp. 97–101. Springer, Cham (2016). https://doi.org/10. 1007/978-3-319-29968-6 7
Roy, A., Kim, D.S., Trivedi, K.S.: Attack countermeasure trees (ACT): towards unifying the constructs of attack and defense trees. Secur. Commun. Netw. 5(8), 929–943 (2012)
Schneier, B.: Attack trees: modeling security threats. Dr. Dobb’s J. Softw. Tools 24(12), 21–29 (1999)
Schneier, B.: Secrets and Lies: Digital Security in a Networked World. Wiley, Hoboken (2011)
Schuster, S., Manning, C.D.: Enhanced english universal dependencies: an improved representation for natural language understanding tasks. In: Proceedings of LREC 2016 (2016)
Shostack, A.: Threat modeling: Designing for security. Wiley, Hoboken (2014)
Vigo, R., Nielsen, F., Nielson, H.R.: Automated generation of attack trees. In: Proceedings of CSF 2014, pp. 337–350. IEEE (2014)
Jürgenson, A., Willemson, J.: Serial model for attack tree computations. In: Lee, D., Hong, S. (eds.) ICISC 2009. LNCS, vol. 5984, pp. 118–128. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14423-3 9