Foundations of Attack-Defense Trees

We introduce and give formal definitions of attack-defense trees. We argue that these trees are a simple, yet powerful tool to analyze complex security and privacy problems. Our formalization is generic in the sense that it supports different semantical approaches. We present several semantics for attack-defense trees along with usage scenarios, and we show how to evaluate attributes.

[1]  Alan Bundy,et al.  Constructing Induction Rules for Deductive Synthesis Proofs , 2006, CLASE.

[2]  Jan Willemson,et al.  Serial Model for Attack Tree Computations , 2009, ICISC.

[3]  Somesh Jha,et al.  Automated generation and analysis of attack graphs , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[4]  Kees Doets,et al.  Basic model theory , 1996, Studies in logic, language and information.

[5]  Andrew P. Moore,et al.  Attack Modeling for Information Security and Survivability , 2001 .

[6]  Robert J. Ellison,et al.  Attack Trees , 2009, Encyclopedia of Biometrics.

[7]  Barbara Kordy,et al.  Attack-Defense Trees and Two-Player Binary Zero-Sum Extensive Form Games Are Equivalent , 2010, GameSec.

[8]  Jan Willemson,et al.  Computing Exact Outcomes of Multi-parameter Attack Trees , 2008, OTM Conferences.

[9]  Edward G. Amoroso,et al.  Fundamentals of computer security technology , 1994 .

[10]  Vamsi Paruchuri,et al.  Threat modeling using attack trees , 2008 .

[11]  R.F. Mills,et al.  Using Attack and Protection Trees to Analyze Threats and Defenses to Homeland Security , 2006, MILCOM 2006 - 2006 IEEE Military Communications conference.

[12]  W E Vesely,et al.  Fault Tree Handbook , 1987 .

[13]  Irina Trubitsyna,et al.  Analyzing Security Scenarios Using Defence Trees and Answer Set Programming , 2008, Electron. Notes Theor. Comput. Sci..

[14]  Stefano Bistarelli,et al.  Strategic Games on Defense Trees , 2006, Formal Aspects in Security and Trust.

[15]  Tharam S. Dillon,et al.  On the Move to Meaningful Internet Systems, OTM 2010 , 2010, Lecture Notes in Computer Science.

[16]  Dong Hoon Lee,et al.  Information, Security and Cryptology - ICISC 2009, 12th International Conference, Seoul, Korea, December 2-4, 2009, Revised Selected Papers , 2010, ICISC.

[17]  Theo Dimitrakos,et al.  Formal Aspects in Security and Trust, Fourth International Workshop, FAST 2006, Hamilton, Ontario, Canada, August 26-27, 2006, Revised Selected Papers , 2007, Formal Aspects in Security and Trust.

[18]  Stefano Bistarelli,et al.  Defense trees for economic evaluation of security investments , 2006, First International Conference on Availability, Reliability and Security (ARES'06).

[19]  Ana R. Cavalli,et al.  Security Protocol Testing Using Attack Trees , 2009, 2009 International Conference on Computational Science and Engineering.

[20]  Thomas Engel,et al.  Runtime Monitoring and Dynamic Reconfiguration for Intrusion Detection Systems , 2009, RAID.

[21]  Sjouke Mauw,et al.  Foundations of Attack Trees , 2005, ICISC.

[22]  Catherine A. Meadows,et al.  One Picture Is Worth a Dozen Connectives: A Fault-Tree Representation of NPATRL Security Requirements , 2007, IEEE Transactions on Dependable and Secure Computing.

[23]  Seungjoo Kim,et al.  Information Security and Cryptology - ICISC 2005 , 2005, Lecture Notes in Computer Science.