A Stochastic Framework for Quantitative Analysis of Attack-Defense Trees

Ravi Jhawar, Karim Lounis*, Sjouke Mauw

*Corresponding author for this work

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    9 Citations (Scopus)

    Abstract

    Cyber attacks are becoming increasingly complex, practically sophisticated and organized. Losses due to such attacks are important, varying from the loss of money to business reputation spoilage. Therefore, there is a great need for potential victims of cyber attacks to deploy security solutions that allow the identification and/or prediction of potential cyber attacks, and deploy defenses to face them. In this paper, we propose a framework that incorporates Attack-Defense trees (ADTrees) and Continuous Time Markov Chains (CTMCs) to systematically represent attacks, defenses, and their interaction. This solution allows to perform quantitative security assessment, with an aim to predict and/or identify attacks and find the best and appropriate defenses to reduce the impact of attacks.
    Original languageEnglish
    Title of host publication12th International Workshop on Security and Trust Management, STM 2016
    EditorsGilles Barthe, Evangelos Markatos, Pierangela Samarati
    Place of PublicationCham
    PublisherSpringer
    Pages138-153
    Number of pages16
    ISBN (Electronic)978-3-319-46598-2
    ISBN (Print)978-3-319-46597-5
    DOIs
    Publication statusPublished - 17 Sep 2016
    Event12th International Workshop on Security and Trust Management, STM 2016 - Heraklion, Crete, Greece
    Duration: 17 Sep 2016 → …

    Publication series

    NameLecture Notes in Computer Science
    PublisherSpringer International Publishing
    Volume9871
    ISSN (Print)0302-9743
    ISSN (Electronic)1611-3349

    Conference

    Conference12th International Workshop on Security and Trust Management, STM 2016
    CityHeraklion, Crete, Greece
    Period17/09/16 → …

    Keywords

    • EC Grant Agreement nr.: FP7/2007-2013
    • EC Grant Agreement nr.: FP7/318003
    • Attack-Defense Trees
    • Markov chains
    • Security modeling
    • Quantitative analysis

    Fingerprint Dive into the research topics of 'A Stochastic Framework for Quantitative Analysis of Attack-Defense Trees'. Together they form a unique fingerprint.

    Cite this