Towards Synthesis of Attack Trees for Supporting Computer-Aided Risk Analysis

Attack trees are widely used in the fields of defense for the analysis of risks (or threats) against electronics systems, computer control systems or physical systems. Based on the analysis of attack trees, practitioners can define actions to engage in order to reduce or annihilate risks. A major barrier to support computer-aided risk analysis is that attack trees can become largely complex and thus hard to specify. This paper is a first step towards a methodology, formal foundations as well as automated techniques to synthesize attack trees from a high-level description of a system. Attacks are expressed as a succession of elementary actions and high-level actions can be used to abstract and organize attacks into exploitable attack trees. We describe our tooling support and identify open challenges for supporting the analysis of risks.

[1]  Sjouke Mauw,et al.  Foundations of Attack Trees , 2005, ICISC.

[2]  Barbara Kordy,et al.  Attack-defense trees , 2014, J. Log. Comput..

[3]  Somesh Jha,et al.  Automated generation and analysis of attack graphs , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[4]  Jin B. Hong,et al.  Scalable Attack Representation Model Using Logic Reduction Techniques , 2013, 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications.

[5]  Jeannette M. Wing,et al.  Tools for Generating and Analyzing Attack Graphs , 2003, FMCO.

[6]  Barbara Kordy,et al.  DAG-based attack and defense modeling: Don't miss the forest for the attack trees , 2013, Comput. Sci. Rev..

[7]  E. Eugene Schultz,et al.  Risks due to convergence of physical security systems and information technology environments , 2007, Inf. Secur. Tech. Rep..

[8]  Fabrice Kordon,et al.  Towards Distributed Software Model-Checking Using Decision Diagrams , 2013, CAV.

[9]  Somesh Jha,et al.  Two formal analyses of attack graphs , 2002, Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15.

[10]  Jeannette M. Wing,et al.  Scenario graphs and attack graphs , 2004 .

[11]  Barbara Kordy,et al.  Foundations of Attack-Defense Trees , 2010, Formal Aspects in Security and Trust.

[12]  Edmund M. Clarke,et al.  Ranking Attack Graphs , 2006, RAID.