Attack time analysis in dynamic attack trees via integer linear programming

Milan Lopuhaä-Zwakenberg; Mariëlle Stoelinga

doi:10.1007/978-3-031-47115-5_10

Attack time analysis in dynamic attack trees via integer linear programming

Milan Lopuhaä-Zwakenberg^*
, Mariëlle Stoelinga

^*Corresponding author for this work

Formal Methods and Tools

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

4 Citations (Scopus)

42 Downloads (Pure)

Abstract

Attack trees (ATs) are an important tool in security analysis, and an important part of AT analysis is computing metrics. However, metric computation is NP-complete in general. In this paper, we showcase the use of mixed integer linear programming (MILP) as a tool for quantitative analysis. Specifically, we use MILP to solve the open problem of calculating the min time metric of dynamic ATs, i.e., the minimal time to attack a system. We also present two other tools to further improve our MILP method: First, we show how the computation can be sped up by identifying the modules of an AT, i.e. subtrees connected to the rest of the AT via only one node. Second, we define a general semantics for dynamic ATs that significantly relaxes the restrictions on attack trees compared to earlier work, allowing us to apply our methods to a wide variety of ATs. Experiments on a synthetic testing set of large ATs verify that both the integer linear programming approach and modular analysis considerably decrease the computation time of attack time analysis.

Original language	English
Title of host publication	Software Engineering and Formal Methods
Subtitle of host publication	21st International conference, SEFM 2023 Eindhoven, The Netherlands, November 6-10, 2023 Proceedings
Editors	Carla Ferreira, Tim A.C. Willemse
Publisher	Springer
Pages	165-183
ISBN (Electronic)	978-3-031-47115-5
ISBN (Print)	978-3-031-47114-8
DOIs	https://doi.org/10.1007/978-3-031-47115-5_10
Publication status	Published - 31 Oct 2023
Event	21st International Conference on Software Engineering and Formal Methods, SEFM 2023 - Eindhoven University of Technology, Eindhoven, Netherlands Duration: 6 Nov 2023 → 10 Nov 2023 Conference number: 21 https://sefm-conference.github.io/2023/

Publication series

Name	Lecture Notes in Computer Science
Volume	14323

Conference

Conference	21st International Conference on Software Engineering and Formal Methods, SEFM 2023
Abbreviated title	SEFM 2023
Country/Territory	Netherlands
City	Eindhoven
Period	6/11/23 → 10/11/23
Internet address	https://sefm-conference.github.io/2023/

Keywords

2024 OA procedure

Access to Document

10.1007/978-3-031-47115-5_10

ArticleFinal published version, 715 KBLicence: Taverne

Attack time analysis in dynamic attack trees via integer linear programming: code and data
Lopuhaä - Zwakenberg, M. A. (Creator), Zenodo, 30 Sept 2021
DOI: 10.5281/zenodo.5541760, https://zenodo.org/records/5541760/
Dataset
Attack time analysis in dynamic attack trees via integer linear programming: Matlab code
Lopuhaä-Zwakenberg, M. (Creator), Zenodo, 22 Jul 2023
DOI: 10.5281/zenodo.8173950, https://doi.org/10.5281/zenodo.8173951 and 3 more links, https://doi.org/10.5281/zenodo.8329362, https://doi.org/10.5281/zenodo.8329384, https://zenodo.org/record/8329384 (show fewer)
Dataset

Attack time analysis in dynamic attack trees via integer linear programming
Lopuhaä-Zwakenberg, M. & Stoelinga, M. I. A., 9 Nov 2021, ArXiv.org, 18 p.
Research output: Working paper

Open Access
File

Cite this

Lopuhaä-Zwakenberg, M., & Stoelinga, M. (2023). Attack time analysis in dynamic attack trees via integer linear programming. In C. Ferreira, & T. A. C. Willemse (Eds.), Software Engineering and Formal Methods: 21st International conference, SEFM 2023 Eindhoven, The Netherlands, November 6-10, 2023 Proceedings (pp. 165-183). (Lecture Notes in Computer Science; Vol. 14323). Springer. https://doi.org/10.1007/978-3-031-47115-5_10

Lopuhaä-Zwakenberg, Milan ; Stoelinga, Mariëlle. / Attack time analysis in dynamic attack trees via integer linear programming. Software Engineering and Formal Methods: 21st International conference, SEFM 2023 Eindhoven, The Netherlands, November 6-10, 2023 Proceedings. editor / Carla Ferreira ; Tim A.C. Willemse. Springer, 2023. pp. 165-183 (Lecture Notes in Computer Science).

@inproceedings{8f9d4bc1593541589db5988167da1636,

title = "Attack time analysis in dynamic attack trees via integer linear programming",

abstract = "Attack trees (ATs) are an important tool in security analysis, and an important part of AT analysis is computing metrics. However, metric computation is NP-complete in general. In this paper, we showcase the use of mixed integer linear programming (MILP) as a tool for quantitative analysis. Specifically, we use MILP to solve the open problem of calculating the min time metric of dynamic ATs, i.e., the minimal time to attack a system. We also present two other tools to further improve our MILP method: First, we show how the computation can be sped up by identifying the modules of an AT, i.e. subtrees connected to the rest of the AT via only one node. Second, we define a general semantics for dynamic ATs that significantly relaxes the restrictions on attack trees compared to earlier work, allowing us to apply our methods to a wide variety of ATs. Experiments on a synthetic testing set of large ATs verify that both the integer linear programming approach and modular analysis considerably decrease the computation time of attack time analysis.",

keywords = "2024 OA procedure",

author = "Milan Lopuha{\"a}-Zwakenberg and Mari{\"e}lle Stoelinga",

year = "2023",

month = oct,

day = "31",

doi = "10.1007/978-3-031-47115-5\_10",

language = "English",

isbn = "978-3-031-47114-8",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "165--183",

editor = "Carla Ferreira and Willemse, \{Tim A.C.\}",

booktitle = "Software Engineering and Formal Methods",

address = "Germany",

note = "21st International Conference on Software Engineering and Formal Methods, SEFM 2023, SEFM 2023 ; Conference date: 06-11-2023 Through 10-11-2023",

url = "https://sefm-conference.github.io/2023/",

}

Lopuhaä-Zwakenberg, M & Stoelinga, M 2023, Attack time analysis in dynamic attack trees via integer linear programming. in C Ferreira & TAC Willemse (eds), Software Engineering and Formal Methods: 21st International conference, SEFM 2023 Eindhoven, The Netherlands, November 6-10, 2023 Proceedings. Lecture Notes in Computer Science, vol. 14323, Springer, pp. 165-183, 21st International Conference on Software Engineering and Formal Methods, SEFM 2023, Eindhoven, Netherlands, 6/11/23. https://doi.org/10.1007/978-3-031-47115-5_10

Attack time analysis in dynamic attack trees via integer linear programming. / Lopuhaä-Zwakenberg, Milan ; Stoelinga, Mariëlle.
Software Engineering and Formal Methods: 21st International conference, SEFM 2023 Eindhoven, The Netherlands, November 6-10, 2023 Proceedings. ed. / Carla Ferreira; Tim A.C. Willemse. Springer, 2023. p. 165-183 (Lecture Notes in Computer Science; Vol. 14323).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Attack time analysis in dynamic attack trees via integer linear programming

AU - Lopuhaä-Zwakenberg, Milan

AU - Stoelinga, Mariëlle

N1 - Conference code: 21

PY - 2023/10/31

Y1 - 2023/10/31

N2 - Attack trees (ATs) are an important tool in security analysis, and an important part of AT analysis is computing metrics. However, metric computation is NP-complete in general. In this paper, we showcase the use of mixed integer linear programming (MILP) as a tool for quantitative analysis. Specifically, we use MILP to solve the open problem of calculating the min time metric of dynamic ATs, i.e., the minimal time to attack a system. We also present two other tools to further improve our MILP method: First, we show how the computation can be sped up by identifying the modules of an AT, i.e. subtrees connected to the rest of the AT via only one node. Second, we define a general semantics for dynamic ATs that significantly relaxes the restrictions on attack trees compared to earlier work, allowing us to apply our methods to a wide variety of ATs. Experiments on a synthetic testing set of large ATs verify that both the integer linear programming approach and modular analysis considerably decrease the computation time of attack time analysis.

AB - Attack trees (ATs) are an important tool in security analysis, and an important part of AT analysis is computing metrics. However, metric computation is NP-complete in general. In this paper, we showcase the use of mixed integer linear programming (MILP) as a tool for quantitative analysis. Specifically, we use MILP to solve the open problem of calculating the min time metric of dynamic ATs, i.e., the minimal time to attack a system. We also present two other tools to further improve our MILP method: First, we show how the computation can be sped up by identifying the modules of an AT, i.e. subtrees connected to the rest of the AT via only one node. Second, we define a general semantics for dynamic ATs that significantly relaxes the restrictions on attack trees compared to earlier work, allowing us to apply our methods to a wide variety of ATs. Experiments on a synthetic testing set of large ATs verify that both the integer linear programming approach and modular analysis considerably decrease the computation time of attack time analysis.

KW - 2024 OA procedure

U2 - 10.1007/978-3-031-47115-5_10

DO - 10.1007/978-3-031-47115-5_10

M3 - Conference contribution

SN - 978-3-031-47114-8

T3 - Lecture Notes in Computer Science

SP - 165

EP - 183

BT - Software Engineering and Formal Methods

A2 - Ferreira, Carla

A2 - Willemse, Tim A.C.

PB - Springer

T2 - 21st International Conference on Software Engineering and Formal Methods, SEFM 2023

Y2 - 6 November 2023 through 10 November 2023

ER -

Lopuhaä-Zwakenberg M , Stoelinga M. Attack time analysis in dynamic attack trees via integer linear programming. In Ferreira C, Willemse TAC, editors, Software Engineering and Formal Methods: 21st International conference, SEFM 2023 Eindhoven, The Netherlands, November 6-10, 2023 Proceedings. Springer. 2023. p. 165-183. (Lecture Notes in Computer Science). doi: 10.1007/978-3-031-47115-5_10

Attack time analysis in dynamic attack trees via integer linear programming

Abstract

Publication series

Conference

Keywords

Access to Document

Fingerprint

Datasets

Attack time analysis in dynamic attack trees via integer linear programming: code and data

Attack time analysis in dynamic attack trees via integer linear programming: Matlab code

Research output

Attack time analysis in dynamic attack trees via integer linear programming

Cite this