论文信息 - Genetic Approximations for the Failure-Free Security Games

Genetic Approximations for the Failure-Free Security Games

This paper deals with computational aspects of attack trees, more precisely, evaluating the expected adversarial utility in the failure-free game, where the adversary is allowed to re-run failed atomic attacks an unlimited number of times. It has been shown by Buldas and Lenin that exact evaluation of this utility is an NP-complete problem, so a computationally feasible approximation is needed. In this paper we consider a genetic approach for this challenge. Since genetic algorithms depend on a number of non-trivial parameters, we face a multi-objective optimization problem and we consider several heuristic criteria to solve it.

Jan Willemson | Aleksandr Lenin | Anton Charnamord

[1] Jan Willemson,et al. Attacker Profiling in Quantitative Security Assessment Based on Attack Trees , 2014, NordSec.

[2] Ahto Buldas,et al. Limiting Adversarial Budget in Quantitative Security Assessment , 2014, GameSec.

[3] Jan Willemson,et al. Serial Model for Attack Tree Computations , 2009, ICISC.

[4] Jan Willemson,et al. Computing Exact Outcomes of Multi-parameter Attack Trees , 2008, OTM Conferences.

[5] Ahto Buldas,et al. New Efficient Utility Upper Bounds for the Fully Adaptive Model of Attack Trees , 2013, GameSec.

[6] Ahto Buldas,et al. Upper Bounds for Adversaries' Utility in Attack Trees , 2012, GameSec.

[7] Lalit M. Patnaik,et al. Adaptive probabilities of crossover and mutation in genetic algorithms , 1994, IEEE Trans. Syst. Man Cybern..

[8] Sjouke Mauw,et al. Foundations of Attack Trees , 2005, ICISC.

[9] Jan Willemson,et al. On Fast and Approximate Attack Tree Computations , 2010, ISPEC.

[10] Jan Willemson,et al. Rational Choice of Security Measures Via Multi-parameter Attack Trees , 2006, CRITIS.

[11] W E Vesely,et al. Fault Tree Handbook , 1987 .