Refinement-Aware Generation of Attack Trees
نویسندگان
چکیده
Attack trees allow a security analyst to obtain an overview of the potential vulnerabilities of a system. Due to their refinement structure, attack trees support the analyst in understanding the system vulnerabilities at various levels of abstraction. However, contrary to manually synthesized attack trees, automatically generated attack trees are often not refinement-aware, making subsequent human processing much harder. The generation of attack trees in which the refined nodes correspond to semantically relevant levels of abstraction is still an open question. In this paper, we formulate the attack-tree generation problem and propose a methodology to, given a system model, generate attack trees with meaningful levels of abstraction.
منابع مشابه
Attack Trees for Practical Security Assessment: Ranking of Attack Scenarios with ADTool 2.0
In this tool demonstration paper we present the ADTool2.0: an open-source software for design, manipulation and analysis of attack trees. The tool supports ranking of attack scenarios based on quantitative attributes entered by the user; it is scriptable; and it incorporates attack trees with sequential conjunctive refinement.
متن کاملAttack-Aware Cooperative Spectrum Sensing in Cognitive Radio Networks under Byzantine Attack
Cooperative Spectrum Sensing (CSS) is an effective approach to overcome the impact of multi-path fading and shadowing issues. The reliability of CSS can be severely degraded under Byzantine attack, which may be caused by either malfunctioning sensing terminals or malicious nodes. Almost, the previous studies have not analyzed and considered the attack in their models. The present study introduc...
متن کاملAn Effective and Optimal Fusion Rule in the Presence of Probabilistic Spectrum Sensing Data Falsification Attack
Cognitive radio (CR) network is an excellent solution to the spectrum scarcity problem. Cooperative spectrum sensing (CSS) has been widely used to precisely detect of primary user (PU) signals. The trustworthiness of the CSS is vulnerable to spectrum sensing data falsification (SSDF) attack. In an SSDF attack, some malicious users intentionally report wrong sensing results to cheat the fusion c...
متن کاملAlgorithms and Data Structures for Handling a Fully Flexible Refinement Approach in Mesh Generation
This paper presents new algorithms and data structures required for the generation of grids based on mixed element trees and using flexible refinement approach. Mixed elements trees is an extension of modified octrees that uses several well-shaped primitives such as cuboids, prisms, pyramids and tetrahedra as internal nodes. A flexible refinement approach fits the object geometry and fulfills t...
متن کاملPoster: Automating Defence Generation for Risk Assessment
Efficient risk assessment requires automation of its most tedious tasks: identification of vulnerabilities, attacks that can exploit these vulnerabilities, and countermeasures that can mitigate the attacks. E.g., the attack tree generation by policy invalidation approach looks at systematic automatic generation of attack trees from a socio-technical model of an organization. Attack trees succin...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2017