Attacker Profiling in Quantitative Security Assessment Based on Attack Trees
نویسندگان
چکیده
Providing meaningful estimations for the quantitative annotations on the steps of complex multi-step attacks is hard, as they are jointly influenced by the infrastructure and attacker properties. The paper introduces attacker profiling as a concept of separation of the infrastructure properties from the properties of malicious agents undertaking strategic decisions in the considered environment. We show that attacker profiling may be integrated into existing quantitative security assessment tools without any significant performance penalty. As an example of such integration we introduce the new analysis tool named ApproxTree+ which is an extension of the existing ApproxTree tool, enhancing it by incorporating attacker profiling capabilities into it.
منابع مشابه
Calculating Adversarial Risk from Attack Trees: Control Strength and Probabilistic Attackers
Attack trees are a well-known formalism for quantitative analysis of cyber attacks consisting of multiple steps and alternative paths. It is possible to derive properties of the overall attacks from properties of individual steps, such as cost for the attacker and probability of success. However, in existing formalisms, such properties are considered independent. For example, investing more in ...
متن کاملTALLINN UNIVERSITY OF TECHNOLOGY Faculty of Information Technology Department of Informatics Chair of Information Security Attacker Profiling in Quantitative Security Assessment
Declaration I hereby declare that I am the sole author of this thesis. The work is original and has not been submitted for any degree or diploma at any other University. I further declare that material obtained from other sources has been dully acknowledged in the thesis. …………………… ……………………… (Date) Ƭ Ƭ Attack tree Ƭ with AND-nodes, OR-nodes and set of leaves X = {Xi,. .. , Xn} and parameter Gain...
متن کاملQuantitative evaluation of software security: an approach based on UML/SecAM and evidence theory
Quantitative and model-based prediction of security in the architecture design stage facilitates early detection of design faults hence reducing modification costs in subsequent stages of software life cycle. However, an important question arises with respect to the accuracy of input parameters. In practice, security parameters can rarely be estimated accurately due to the lack of sufficient kn...
متن کاملInvestigation of Always Present and Spectrum Sensing based Incumbent Emulators
Cognitive radio (CR) technology has been suggested for effective use of spectral resources. Spectrum sensing is one of the main operations of CR users to identify the vacant frequency bands. Cooperative spectrum sensing (CSS) is used to increase the performance of CR networks by providing spatial diversity. The accuracy of spectrum sensing is the most important challenge in the CSS process sinc...
متن کاملOn the computational complexity of finding a minimal basis for the guess and determine attack
Guess-and-determine attack is one of the general attacks on stream ciphers. It is a common cryptanalysis tool for evaluating security of stream ciphers. The effectiveness of this attack is based on the number of unknown bits which will be guessed by the attacker to break the cryptosystem. In this work, we present a relation between the minimum numbers of the guessed bits and uniquely restricted...
متن کامل