Using attack and protection trees to analyze threats and defenses to homeland security

Authors:
Kenneth S. Edge;George C. Dalton, II;Richard A. Raines;Robert F. Mills
Affiliations:
Air Force Institute of Technology, Wright-Patterson AFB, OH;Air Force Institute of Technology, Wright-Patterson AFB, OH;Air Force Institute of Technology, Wright-Patterson AFB, OH;Air Force Institute of Technology, Wright-Patterson AFB, OH
Venue:
MILCOM'06 Proceedings of the 2006 IEEE conference on Military communications
Year:
2006

Citing 5
Cited 8

Cleanroom software engineering: technology and process

Cleanroom software engineering: technology and process
Collaborative attack modeling

Proceedings of the 2002 ACM symposium on Applied computing
Secrets & Lies: Digital Security in a Networked World

Secrets & Lies: Digital Security in a Networked World
Automated Generation and Analysis of Attack Graphs

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
A Systematic Approach to Multi-Stage Network Attack Analysis

IWIA '04 Proceedings of the Second IEEE International Information Assurance Workshop (IWIA'04)

Analysing security risks in computer and Radio Frequency Identification (RFID) networks using attack and protection trees

International Journal of Security and Networks
Attack-defense trees and two-player binary zero-sum extensive form games are equivalent

GameSec'10 Proceedings of the First international conference on Decision and game theory for security
Foundations of attack-defense trees

FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
Computational aspects of attack---defense trees

SIIS'11 Proceedings of the 2011 international conference on Security and Intelligent Information Systems
Attribute Decoration of Attack-Defense Trees

International Journal of Secure Software Engineering
Quantitative questions on attack: defense trees

ICISC'12 Proceedings of the 15th international conference on Information Security and Cryptology
ADTool: security analysis with attack---defense trees

QEST'13 Proceedings of the 10th international conference on Quantitative Evaluation of Systems
Comparing attack trees and misuse cases in an industrial setting

Information and Software Technology

Quantified Score

Hi-index	0.00

Visualization

Abstract

Attacks against computer networks are a serious threat and occur quite often. Currently there are methods using attack trees that can be used to model how these attacks may occur. We have extended this concept to a new tree structure called a protection tree as a tool for decision makers to allocate limited resources towards the appropriate defenses against a specified attack. Protection trees ensure these limited resources are used in a manner to achieve the highest probability of success in stopping an attack. Protection trees are produced systematically by first developing an attack tree, computing metrics for each node of an attack, and then developing a corresponding protection tree with similar metrics. Eventually, libraries of attacks and available protections can be used to automate the process of developing the trees. An example attack and protection tree is used to notionally show how an organization such as the Department of Homeland Security can allocate resources to protect their computer networks from being compromised. Decision makers in the organization can use the resultant protection tree to determine where to allocate limited resources for the best protection of their network.