Defense trees for economic evaluation of security investments
ARES '06 Proceedings of the First International Conference on Availability, Reliability and Security
Optimal security hardening using multi-objective optimization on attack tree models of networks
Proceedings of the 14th ACM conference on Computer and communications security
Distributed Divide-and-Conquer Techniques for Effective DDoS Attack Defenses
ICDCS '08 Proceedings of the 2008 The 28th International Conference on Distributed Computing Systems
Design and Application of Penetration Attack Tree Model Oriented to Attack Resistance Test
CSSE '08 Proceedings of the 2008 International Conference on Computer Science and Software Engineering - Volume 03
Computing Exact Outcomes of Multi-parameter Attack Trees
OTM '08 Proceedings of the OTM 2008 Confederated International Conferences, CoopIS, DOA, GADA, IS, and ODBASE 2008. Part II on On the Move to Meaningful Internet Systems
Security Protocol Testing Using Attack Trees
CSE '09 Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 02
Processing multi-parameter attacktrees with estimated parameter values
IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security
Serial model for attack tree computations
ICISC'09 Proceedings of the 12th international conference on Information security and cryptology
Foundations of attack-defense trees
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
Rational choice of security measures via multi-parameter attack trees
CRITIS'06 Proceedings of the First international conference on Critical Information Infrastructures Security
OWA trees and their role in security modeling using attack trees
Information Sciences: an International Journal
ICISC'05 Proceedings of the 8th international conference on Information Security and Cryptology
Survey and analysis on Security Requirements Engineering
Computers and Electrical Engineering
Hi-index | 0.00 |
An attack tree is a useful analytical technique to model security threats and/or risks, and hence model attacks as actual realizations of the former. Research on attack trees have focused either on applying such trees to model various ranges of security systems, or on advancements to this technique in itself. In this paper, we revisit the notion of attack tree attribution, i.e. how explicit attribute values of child nodes are aggregated to form the attribute of the parent node, and propose a novel attribution approach. We then show using this approach within the context of analyzing the weakest links of security systems, how the weakest link may not necessarily always be so, but instead it depends on the existence of other stronger links within the system.