Foundations of Attack Trees
نویسندگان
چکیده
Attack trees have found their way to practice because they have proved to be an intuitive aid in threat analysis. Despite, or perhaps thanks to, their apparent simplicity, they have not yet been provided with an unambiguous semantics. We argue that such a formal interpretation is indispensable to precisely understand how attack trees can be manipulated during construction and analysis. We provide a denotational semantics, based on a mapping to attack suites, which abstracts from the internal structure of an attack tree, we study transformations between attack trees, and we study the attribution and projection of an attack tree.
منابع مشابه
Foundations for Survivable System Development: Service Traces, Intrusion Traces, and Evaluation Models
vii 1 Survivable System Concepts 1 2 Service Traces for Survivability Specification 5 2.1 Essential-Service Workflows 5 2.2 Essential-Service Traces 6 2.3 Relational Specification of Trace Components 6 2.4 Computational Survivability 7 3 Intrusion Traces for Adverse Environment Specification 9 3.1 Intruder Workflows Organized Into Attack Trees 10 3.2 Attack Patterns Organized Into Attack Profil...
متن کاملFoundations of Attack-Defense Trees
We introduce and give formal definitions of attack–defense trees. We argue that these trees are a simple, yet powerful tool to analyze complex security and privacy problems. Our formalization is generic in the sense that it supports different semantical approaches. We present several semantics for attack–defense trees along with usage scenarios, and we show how to evaluate attributes.
متن کاملAn Intuitionistic Linear Logical Semantics of SAND Attack Trees
In this paper we introduce a new logical foundation of SAND attack trees in intuitionistic linear logic. This new foundation is based on a new logic called the Attack Tree Linear Logic (ATLL). Before introducing ATLL we given several new logical models of attack trees, the first, is a very basic model based in truth tables. Then we lift this semantics into a semantics of attack trees based on l...
متن کاملSerial Model for Attack Tree Computations
In this paper we extend the standard attack tree model by introducing temporal order to the attacker’s decision making process. This will allow us to model the attacker’s behaviour more accurately, since this way it is possible to study his actions related to dropping some of the elementary attacks due to them becoming obsolete based on the previous success/failure results. We propose an effici...
متن کاملReal-Time intrusion detection alert correlation and attack scenario extraction based on the prerequisite consequence approach
Alert correlation systems attempt to discover the relations among alerts produced by one or more intrusion detection systems to determine the attack scenarios and their main motivations. In this paper a new IDS alert correlation method is proposed that can be used to detect attack scenarios in real-time. The proposed method is based on a causal approach due to the strength of causal methods in ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2005