Cleanroom software engineering: technology and process
Cleanroom software engineering: technology and process
Proceedings of the 2002 ACM symposium on Applied computing
Secrets & Lies: Digital Security in a Networked World
Secrets & Lies: Digital Security in a Networked World
Automated Generation and Analysis of Attack Graphs
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
A Systematic Approach to Multi-Stage Network Attack Analysis
IWIA '04 Proceedings of the Second IEEE International Information Assurance Workshop (IWIA'04)
International Journal of Security and Networks
Attack-defense trees and two-player binary zero-sum extensive form games are equivalent
GameSec'10 Proceedings of the First international conference on Decision and game theory for security
Foundations of attack-defense trees
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
Computational aspects of attack---defense trees
SIIS'11 Proceedings of the 2011 international conference on Security and Intelligent Information Systems
Attribute Decoration of Attack-Defense Trees
International Journal of Secure Software Engineering
Quantitative questions on attack: defense trees
ICISC'12 Proceedings of the 15th international conference on Information Security and Cryptology
ADTool: security analysis with attack---defense trees
QEST'13 Proceedings of the 10th international conference on Quantitative Evaluation of Systems
Comparing attack trees and misuse cases in an industrial setting
Information and Software Technology
Hi-index | 0.00 |
Attacks against computer networks are a serious threat and occur quite often. Currently there are methods using attack trees that can be used to model how these attacks may occur. We have extended this concept to a new tree structure called a protection tree as a tool for decision makers to allocate limited resources towards the appropriate defenses against a specified attack. Protection trees ensure these limited resources are used in a manner to achieve the highest probability of success in stopping an attack. Protection trees are produced systematically by first developing an attack tree, computing metrics for each node of an attack, and then developing a corresponding protection tree with similar metrics. Eventually, libraries of attacks and available protections can be used to automate the process of developing the trees. An example attack and protection tree is used to notionally show how an organization such as the Department of Homeland Security can allocate resources to protect their computer networks from being compromised. Decision makers in the organization can use the resultant protection tree to determine where to allocate limited resources for the best protection of their network.