Automated generation of attack trees by unfolding graph transformation systems
Analysis of an organization's security and the threats it faces is nowadays
often done using attack trees that describe all possible threats
facing a system or organization. A big challenge lies in obtaining these attack
trees. Manually constructing them is tedious and error-prone work.
Therefore, this project focuses on generating attack trees automatically from
a given model that describes a system or organization. It improves upon previous
efforts by providing an approach to identify all possible attacks from a
given model in a more scalable manner, compared to the previous approach of
constructing an attack graph, while remaining (security-)domain independent.
This work demonstrates that this new approach, based on partial-order
reduction, can have significant scalability benefits compared to the
existing generic approach.
In addition, it is shown that the graph transformation modeling paradigm
can be used as a generic input language for describing systems and organizations, and
that using graph transformations allows existing efforts and implementations
to be reused.
and implementations. Specifically, a partial-order technique called the unfolding of a graph transformation system is used as the basis of the approach, and GROOVE, a tool for constructing and analyzing graph transformation systems, is used as the basis of the implementation.