A Probabilistic Framework for Security Scenarios with Dependent Actions

Barbara Kordy, Marc Pouly, Patrick Schweizer

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    14 Citations (Scopus)
    143 Downloads (Pure)

    Abstract

    This work addresses the growing need of performing meaningful probabilistic analysis of security. We propose a framework that integrates the graphical security modeling technique of attack–defense trees with probabilistic information expressed in terms of Bayesian networks. This allows us to perform probabilistic evaluation of attack–defense scenarios involving dependent actions. To improve the efficiency of our computations, we make use of inference algorithms from Bayesian networks and encoding techniques from constraint reasoning. We discuss the algebraic theory underlying our framework and point out several generalizations which are possible thanks to the use of semiring theory.
    Original languageEnglish
    Title of host publication11th International Conference on Integrated Formal Methods, IFM 2014
    EditorsElvira Albert, Emil Sekereinsk
    Place of PublicationBern, Switzerland
    PublisherSpringer
    Pages256-271
    Number of pages16
    ISBN (Print)978-3-319-10180-4
    DOIs
    Publication statusPublished - 9 Sept 2014
    Event11th International Conference on Integrated Formal Methods, IFM 2014: 11th International Conference on Integrated Formal Methods, IFM 2014 - Bertinoro, Italy
    Duration: 9 Sept 201411 Sept 2014

    Publication series

    NameLecture notes in computer science
    PublisherSpringer
    Volume8739
    ISSN (Print)0302-9743
    ISSN (Electronic)1611-3349

    Conference

    Conference11th International Conference on Integrated Formal Methods, IFM 2014
    Period9/09/1411/09/14
    Other9-11 September 2014

    Keywords

    • EC Grant Agreement nr.: FP7/2007-2013
    • EC Grant Agreement nr.: FP7/318003

    Fingerprint

    Dive into the research topics of 'A Probabilistic Framework for Security Scenarios with Dependent Actions'. Together they form a unique fingerprint.

    Cite this