Attack and defense modeling with BDMP
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
Attribute Decoration of Attack-Defense Trees
International Journal of Secure Software Engineering
Quantitative questions on attack: defense trees
ICISC'12 Proceedings of the 15th international conference on Information Security and Cryptology
Hi-index | 0.00 |
Boolean logic Driven Markov Processes (BDMP) are a powerful modeling tool used in the reliability and safety domains. We propose to take advantage of their capabilities to go beyond the traditional techniques used to model attack scenarios. In particular we show how this new approach can be seen as preferable to attack trees and Petri net-based methods. Attack trees are inherently static and limited to independent events, whereas BDMP are dynamic and can take into account simple dependences. This allows the modeling of attack sequences, but also of defensive aspects such as detections. Petri net-based approaches are highly flexible but often lack readability and scalability; BDMP representations are close to attack trees, inheriting their readability and easy appropriation. Moreover, BDMP have mathematical properties leading to drastic reductions of combinatorial problems, allowing efficient scenarios processing and time dependent quantifications. Finally, limits and improvement perspectives are discussed.