Reference : Attribute evaluation on attack trees with incomplete information
Scientific journals : Article
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/41590
Attribute evaluation on attack trees with incomplete information
English
Buldas, Ahto mailto []
Gadyatskaya, Olga mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Lenin, Aleksandr mailto []
Mauw, Sjouke mailto [University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
Trujillo Rasua, Rolando mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > > ; Deakin University]
2020
Computers and Security
Elsevier
88
101630
Yes (verified by ORBilu)
International
0167-4048
United Kingdom
[en] Attack trees are considered a useful tool for security modelling because they support qualitative as well as quantitative analysis. The quantitative approach is based on values associated to each node in the tree, expressing, for instance, the minimal cost or probability of an attack. Current quantitative methods for attack trees allow the analyst to, based on an initial assignment of values to the leaf nodes, derive the values of the higher nodes in the tree. In practice, however, it shows to be very difficult to obtain reliable values for all leaf nodes. The main reasons are that data is only available for some of the nodes, that data is available for intermediate nodes rather than for the leaf nodes, or even that the available data is inconsistent. We address these problems by developing a generalisation of the standard bottom-up calculation method in three ways. First, we allow initial attributions of non-leaf nodes. Second, we admit additional relations between attack steps beyond those provided by the underlying attack tree semantics. Third, we support the calculation of an approximative solution in case of inconsistencies. We illustrate our method, which is based on constraint programming, by a comprehensive case study.
http://hdl.handle.net/10993/41590
10.1016/j.cose.2019.101630

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Limited access
compsec.pdfPublisher postprint983.95 kBRequest a copy

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.