Attack time analysis in dynamic attack trees via integer linear programming

Milan Lopuhaä-Zwakenberg; Mariëlle I.A. Stoelinga

Attack time analysis in dynamic attack trees via integer linear programming

Milan Lopuhaä-Zwakenberg, Mariëlle I.A. Stoelinga

Research output: Working paper

76 Downloads (Pure)

Abstract

Attack trees are an important tool in security analysis, and an important part of attack tree analysis is computing metrics. This paper focuses on dynamic attack trees and their min time metric. For general attack trees, calculating min time efficiently is an open problem, with the fastest current method being enumerating all minimal attacks, which is NP-hard. This paper introduces 3 new tools for calculating min time. First, we show that static attack trees can be handled by a fast bottom-up algorithm. Second, we introduce a novel method for general dynamic attack trees based on mixed integer linear programming. Third, we show how the computation can be sped up by identifying the modules of an attack tree, i.e. subtrees connected to the rest of the attack tree via only one node. Experiments on a generated testing set of large attack trees verify that these methods have a large impact on performance.

Original language	English
Publisher	ArXiv.org
Number of pages	18
Publication status	Published - 9 Nov 2021

Access to Document

Attack timeFinal published version, 332 KBLicence: CC BY

Attack time analysis in dynamic attack trees via integer linear programming: code and data
Lopuhaä - Zwakenberg, M. A. (Creator), Zenodo, 30 Sept 2021
DOI: 10.5281/zenodo.5541760, https://zenodo.org/records/5541760/
Dataset

1 Conference contribution

Attack time analysis in dynamic attack trees via integer linear programming
Lopuhaä-Zwakenberg, M. & Stoelinga, M., 31 Oct 2023, Software Engineering and Formal Methods: 21st International conference, SEFM 2023 Eindhoven, The Netherlands, November 6-10, 2023 Proceedings. Ferreira, C. & Willemse, T. A. C. (eds.). Springer, p. 165-183 (Lecture Notes in Computer Science; vol. 14323).
Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

Open Access
File
25 Downloads (Pure)

Cite this

@techreport{cd9957e6d3a644d891a4e028339e21e5,

title = "Attack time analysis in dynamic attack trees via integer linear programming",

abstract = "Attack trees are an important tool in security analysis, and an important part of attack tree analysis is computing metrics. This paper focuses on dynamic attack trees and their min time metric. For general attack trees, calculating min time efficiently is an open problem, with the fastest current method being enumerating all minimal attacks, which is NP-hard. This paper introduces 3 new tools for calculating min time. First, we show that static attack trees can be handled by a fast bottom-up algorithm. Second, we introduce a novel method for general dynamic attack trees based on mixed integer linear programming. Third, we show how the computation can be sped up by identifying the modules of an attack tree, i.e. subtrees connected to the rest of the attack tree via only one node. Experiments on a generated testing set of large attack trees verify that these methods have a large impact on performance.",

author = "Milan Lopuha{\"a}-Zwakenberg and Stoelinga, {Mari{\"e}lle I.A.}",

year = "2021",

month = nov,

day = "9",

language = "English",

publisher = "ArXiv.org",

type = "WorkingPaper",

institution = "ArXiv.org",

}

TY - UNPB

T1 - Attack time analysis in dynamic attack trees via integer linear programming

AU - Lopuhaä-Zwakenberg, Milan

AU - Stoelinga, Mariëlle I.A.

PY - 2021/11/9

Y1 - 2021/11/9

N2 - Attack trees are an important tool in security analysis, and an important part of attack tree analysis is computing metrics. This paper focuses on dynamic attack trees and their min time metric. For general attack trees, calculating min time efficiently is an open problem, with the fastest current method being enumerating all minimal attacks, which is NP-hard. This paper introduces 3 new tools for calculating min time. First, we show that static attack trees can be handled by a fast bottom-up algorithm. Second, we introduce a novel method for general dynamic attack trees based on mixed integer linear programming. Third, we show how the computation can be sped up by identifying the modules of an attack tree, i.e. subtrees connected to the rest of the attack tree via only one node. Experiments on a generated testing set of large attack trees verify that these methods have a large impact on performance.

AB - Attack trees are an important tool in security analysis, and an important part of attack tree analysis is computing metrics. This paper focuses on dynamic attack trees and their min time metric. For general attack trees, calculating min time efficiently is an open problem, with the fastest current method being enumerating all minimal attacks, which is NP-hard. This paper introduces 3 new tools for calculating min time. First, we show that static attack trees can be handled by a fast bottom-up algorithm. Second, we introduce a novel method for general dynamic attack trees based on mixed integer linear programming. Third, we show how the computation can be sped up by identifying the modules of an attack tree, i.e. subtrees connected to the rest of the attack tree via only one node. Experiments on a generated testing set of large attack trees verify that these methods have a large impact on performance.

M3 - Working paper

BT - Attack time analysis in dynamic attack trees via integer linear programming

PB - ArXiv.org

ER -

Attack time analysis in dynamic attack trees via integer linear programming

Abstract

Access to Document

Fingerprint

Datasets

Attack time analysis in dynamic attack trees via integer linear programming: code and data

Research output

Attack time analysis in dynamic attack trees via integer linear programming

Cite this