This work addresses the growing need of performing meaningful probabilistic analysis of security. We propose a framework that integrates the graphical security modeling technique of attack–defense trees with probabilistic information expressed in terms of Bayesian networks. This allows us to perform probabilistic evaluation of attack–defense scenarios involving dependent actions. To improve the efficiency of our computations, we make use of inference algorithms from Bayesian networks and encoding techniques from constraint reasoning. We discuss the algebraic theory underlying our framework and point out several generalizations which are possible thanks to the use of semiring theory.
|Name||Lecture notes in computer science|
|Conference||11th International Conference on Integrated Formal Methods, IFM 2014|
|Period||9/09/14 → 11/09/14|
|Other||9-11 September 2014|
- EC Grant Agreement nr.: FP7/2007-2013
- EC Grant Agreement nr.: FP7/318003