Foundations of Attack-Defense Trees
نویسندگان
چکیده
We introduce and give formal definitions of attack–defense trees. We argue that these trees are a simple, yet powerful tool to analyze complex security and privacy problems. Our formalization is generic in the sense that it supports different semantical approaches. We present several semantics for attack–defense trees along with usage scenarios, and we show how to evaluate attributes.
منابع مشابه
Computational Aspects of Attack-Defense Trees
Attack–defense trees extend attack trees with defense nodes. This richer formalism allows for a more precise modeling of a system’s vulnerabilities, by representing interactions between possible attacks and corresponding defensive measures. In this paper we compare the computational complexity of both formalisms. We identify semantics for which extending attack trees with defense nodes does not...
متن کاملFoundations for Survivable System Development: Service Traces, Intrusion Traces, and Evaluation Models
vii 1 Survivable System Concepts 1 2 Service Traces for Survivability Specification 5 2.1 Essential-Service Workflows 5 2.2 Essential-Service Traces 6 2.3 Relational Specification of Trace Components 6 2.4 Computational Survivability 7 3 Intrusion Traces for Adverse Environment Specification 9 3.1 Intruder Workflows Organized Into Attack Trees 10 3.2 Attack Patterns Organized Into Attack Profil...
متن کاملADTool: Security Analysis with Attack- Defense Trees (Extended Version)
The ADTool is free, open source software assisting graphical modeling and quantitative analysis of security, using attack–defense trees. The main features of the ADTool are easy creation, efficient editing, and automated bottom-up evaluation of security-relevant measures. The tool also supports the usage of attack trees, protection trees and defense trees, which are all particular instances of ...
متن کاملADTool: Security Analysis with Attack-Defense Trees
The ADTool is free, open source software assisting graphical modeling and quantitative analysis of security, using attack–defense trees. The main features of the ADTool are easy creation, efficient editing, and automated bottom-up evaluation of security-relevant measures. The tool also supports the usage of attack trees, protection trees and defense trees, which are all particular instances of ...
متن کاملAttribute Decoration of Attack-Defense Trees
Attack–defense trees can be used as part of threat and risk analysis for system development and maintenance. They are an extension of attack trees with defense measures. Moreover, tree nodes can be decorated with attributes, such as probability, impact and penalty, to increase the expressiveness of the model. Attribute values are typically assigned based on cognitive estimations and historicall...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2010