Semi-automatically Augmenting Attack Trees Using an Annotated Attack Tree Library

We present a method for assisting the semi-automatic creation of attack trees. Our method allows to explore a library of attack trees, select elements from this library that can be attached to an attack tree in construction, and determine how the attachment should be done. The process is supported by a predicate-based formal annotation of attack trees. To show the feasibility of our approach, we describe the process for automatically building a library of annotated attack trees from standard vulnerability descriptions in a publicly available online resource, using information extraction techniques. Then, we show how attack trees manually constructed from high level definitions of attack patterns can be augmented by attaching trees from this library.

[1]  Sophie Pinchinat,et al.  Is My Attack Tree Correct? , 2017, ESORICS.

[2]  Mathieu Acher,et al.  ATSyRa: An Integrated Environment for Synthesizing Attack Trees - (Tool Paper) , 2015, GraMSec@CSF.

[3]  Christopher D. Manning,et al.  Stanford typed dependencies manual , 2010 .

[4]  Karim Lounis Stochastic-based Semantics Of Attack-Defense Trees For Security Assessment , 2018 .

[5]  Ludovic Piètre-Cambacédès,et al.  Beyond Attack Trees: Dynamic Security Modeling with Boolean Logic Driven Markov Processes (BDMP) , 2010, 2010 European Dependable Computing Conference.

[6]  Danqi Chen,et al.  A Fast and Accurate Dependency Parser using Neural Networks , 2014, EMNLP.

[7]  Florian Kammüller,et al.  Transforming Graphical System Models to Graphical Attack Models , 2015, GraMSec@CSF.

[8]  Olga Gadyatskaya How to Generate Security Cameras: Towards Defence Generation for Socio-Technical Systems , 2015, GraMSec@CSF.

[9]  Ravi Jhawar,et al.  A Stochastic Framework for Quantitative Analysis of Attack-Defense Trees , 2016, STM.

[10]  Mihai Surdeanu,et al.  The Stanford CoreNLP Natural Language Processing Toolkit , 2014, ACL.

[11]  Barbara Kordy,et al.  Attack-defense trees , 2014, J. Log. Comput..

[12]  Jin B. Hong,et al.  Scalable Attack Representation Model Using Logic Reduction Techniques , 2013, 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications.

[13]  Sophie Pinchinat,et al.  Is my attack tree correct? Extended version , 2017, ArXiv.

[14]  Jan Willemson,et al.  Serial Model for Attack Tree Computations , 2009, ICISC.

[15]  D. Pinto Secrets and Lies: Digital Security in a Networked World , 2003 .

[16]  Adam Shostack,et al.  Threat Modeling: Designing for Security , 2014 .

[17]  Christopher D. Manning,et al.  Enhanced English Universal Dependencies: An Improved Representation for Natural Language Understanding Tasks , 2016, LREC.

[18]  Christopher D. Manning,et al.  The Stanford Typed Dependencies Representation , 2008, CF+CDPE@COLING.

[19]  Olga Gadyatskaya,et al.  Refinement-Aware Generation of Attack Trees , 2017, STM.

[20]  Kim G. Larsen,et al.  Quantitative Evaluation of Attack Defense Trees Using Stochastic Timed Automata , 2017, GraMSec@CSF.

[21]  Olga Gadyatskaya,et al.  Using Attack-Defense Trees to Analyze Threats and Countermeasures in an ATM: A Case Study , 2016, PoEM.

[22]  Dong Seong Kim,et al.  Attack countermeasure trees (ACT): towards unifying the constructs of attack and defense trees , 2012, Secur. Commun. Networks.

[23]  Sjouke Mauw,et al.  Foundations of Attack Trees , 2005, ICISC.

[24]  Flemming Nielson,et al.  Automated Generation of Attack Trees , 2014, 2014 IEEE 27th Computer Security Foundations Symposium.

[25]  Wei-min Li,et al.  Space Based Information System Security Risk Evaluation Based on Improved Attack Trees , 2011, 2011 Third International Conference on Multimedia Information Networking and Security.