Computing Exact Outcomes of Multi-parameter Attack Trees
OTM '08 Proceedings of the OTM 2008 Confederated International Conferences, CoopIS, DOA, GADA, IS, and ODBASE 2008. Part II on On the Move to Meaningful Internet Systems
Cyber security analysis using attack countermeasure trees
Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
Serial model for attack tree computations
ICISC'09 Proceedings of the 12th international conference on Information security and cryptology
Optimal adversary behavior for the serial model of financial attack trees
IWSEC'10 Proceedings of the 5th international conference on Advances in information and computer security
On fast and approximate attack tree computations
ISPEC'10 Proceedings of the 6th international conference on Information Security Practice and Experience
Attack countermeasure trees (ACT): towards unifying the constructs of attack and defense trees
Security and Communication Networks
Hi-index | 0.00 |
In recent years, attack trees have been developed to describe processes by which malicious users attempt to exploit or break complex systems. Attack trees offer a method of decomposing, visualizing, and determining the cost or likelihood of attacks. Attack trees by themselves do not provide enough decision support to system defenders. The defenders need methods to determine which protections to implement and where to place them in the system to mitigate the vulnerabilities found. This research develops the concept of using protection trees to offer a detailed risk analysis for the protection of a system. In addition to developing protection trees, this research improves the existing concept of attack trees as well as developing rule sets for the manipulation of metrics used in the security of complex systems. This research specifically develops the framework for using an attack and protection tree methodology to analyze the security of complex systems. To accomplish this, the structure of attack trees is extended and modified to create the concept of protection trees. To validate the effectiveness of the methodology, the Schematic Protection Model (SPM) is used. The SPM is extended and applied to verify that a system protected using the attack and protection tree methodology is safe. To demonstrate the general usefulness of this novel methodology, it is used to analyze the security of several varied domains including computer networks, online banking, homeland security, and mobile ad hoc networks.