Attack Tree Generation by Policy Invalidation

Marieta Georgieva Ivanova; Christian W. Probst; René Rydhof Hansen; Florian Kammüller

doi:10.1007/978-3-319-24018-3_16

Attack Tree Generation by Policy Invalidation

Marieta Georgieva Ivanova, Christian W. Probst, René Rydhof Hansen, Florian Kammüller

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic

17 Citations (Scopus)

1 Downloads (Pure)

Abstract

Attacks on systems and organisations increasingly exploit human actors, for example through social engineering, complicating their formal treatment and automatic identi﬿cation. Formalisation of human behaviour is diﬃcult at best, and attacks on socio-technical systems are still mostly identi﬿ed through brainstorming of experts. In this work we formalize attack tree generation including human factors; based on recent advances in system models we develop a technique to identify possible attacks analytically, including technical and human factors. Our systematic attack generation is based on invalidating policies in the sys- tem model by identifying possible sequences of actions that lead to an attack. The generated attacks are precise enough to illustrate the threat, and they are general enough to hide the details of individual steps.

Original language	English
Title of host publication	9th IFIP WG 11.2 International Conference on Information Security Theory and Practice, WISTP 2015
Editors	R. Naeem Akram, S. Jajodia
Place of Publication	Berlin
Publisher	Springer
Pages	249-259
Number of pages	11
ISBN (Print)	9783319240183
DOIs	https://doi.org/10.1007/978-3-319-24018-3_16
Publication status	Published - 24 Aug 2015
Event	9th IFIP WG 11.2 International Conference on Information Security Theory and Practice, WISTP 2015 - Heraklion, Crete, Greece Duration: 24 Aug 2015 → 25 Aug 2015 Conference number: 9

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	9311
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	9th IFIP WG 11.2 International Conference on Information Security Theory and Practice, WISTP 2015
Abbreviated title	WISTP
Country/Territory	Greece
City	Heraklion, Crete
Period	24/08/15 → 25/08/15
Other	24-25 August 2015

Keywords

Attack Tree Generation
Policy Invalidation
EC Grant Agreement nr.: FP7/2007-2013
EC Grant Agreement nr.: FP7/318003

Access to Document

10.1007/978-3-319-24018-3_16

Cite this

Ivanova, M. G., Probst, C. W., Hansen, R. R., & Kammüller, F. (2015). Attack Tree Generation by Policy Invalidation. In R. Naeem Akram, & S. Jajodia (Eds.), 9th IFIP WG 11.2 International Conference on Information Security Theory and Practice, WISTP 2015 (pp. 249-259). (Lecture Notes in Computer Science; Vol. 9311). Springer. https://doi.org/10.1007/978-3-319-24018-3_16

@inproceedings{98c517d6a7c842809bb11629c68b30ee,

title = "Attack Tree Generation by Policy Invalidation",

abstract = "Attacks on systems and organisations increasingly exploit human actors, for example through social engineering, complicating their formal treatment and automatic identi﬿cation. Formalisation of human behaviour is diﬃcult at best, and attacks on socio-technical systems are still mostly identi﬿ed through brainstorming of experts. In this work we formalize attack tree generation including human factors; based on recent advances in system models we develop a technique to identify possible attacks analytically, including technical and human factors. Our systematic attack generation is based on invalidating policies in the sys- tem model by identifying possible sequences of actions that lead to an attack. The generated attacks are precise enough to illustrate the threat, and they are general enough to hide the details of individual steps.",

keywords = "Attack Tree Generation, Policy Invalidation, EC Grant Agreement nr.: FP7/2007-2013, EC Grant Agreement nr.: FP7/318003",

author = "Ivanova, {Marieta Georgieva} and Probst, {Christian W.} and Hansen, {Ren{\'e} Rydhof} and Florian Kamm{\"u}ller",

year = "2015",

month = aug,

day = "24",

doi = "10.1007/978-3-319-24018-3_16",

language = "English",

isbn = "9783319240183",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "249--259",

editor = "{Naeem Akram}, R. and S. Jajodia",

booktitle = "9th IFIP WG 11.2 International Conference on Information Security Theory and Practice, WISTP 2015",

address = "Germany",

note = "9th IFIP WG 11.2 International Conference on Information Security Theory and Practice, WISTP 2015, WISTP ; Conference date: 24-08-2015 Through 25-08-2015",

}

Ivanova, MG, Probst, CW, Hansen, RR & Kammüller, F 2015, Attack Tree Generation by Policy Invalidation. in R Naeem Akram & S Jajodia (eds), 9th IFIP WG 11.2 International Conference on Information Security Theory and Practice, WISTP 2015. Lecture Notes in Computer Science, vol. 9311, Springer, Berlin, pp. 249-259, 9th IFIP WG 11.2 International Conference on Information Security Theory and Practice, WISTP 2015, Heraklion, Crete, Greece, 24/08/15. https://doi.org/10.1007/978-3-319-24018-3_16

Attack Tree Generation by Policy Invalidation. / Ivanova, Marieta Georgieva; Probst, Christian W.; Hansen, René Rydhof et al.
9th IFIP WG 11.2 International Conference on Information Security Theory and Practice, WISTP 2015. ed. / R. Naeem Akram; S. Jajodia. Berlin: Springer, 2015. p. 249-259 (Lecture Notes in Computer Science; Vol. 9311).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic

TY - GEN

T1 - Attack Tree Generation by Policy Invalidation

AU - Ivanova, Marieta Georgieva

AU - Probst, Christian W.

AU - Hansen, René Rydhof

AU - Kammüller, Florian

N1 - Conference code: 9

PY - 2015/8/24

Y1 - 2015/8/24

N2 - Attacks on systems and organisations increasingly exploit human actors, for example through social engineering, complicating their formal treatment and automatic identi﬿cation. Formalisation of human behaviour is diﬃcult at best, and attacks on socio-technical systems are still mostly identi﬿ed through brainstorming of experts. In this work we formalize attack tree generation including human factors; based on recent advances in system models we develop a technique to identify possible attacks analytically, including technical and human factors. Our systematic attack generation is based on invalidating policies in the sys- tem model by identifying possible sequences of actions that lead to an attack. The generated attacks are precise enough to illustrate the threat, and they are general enough to hide the details of individual steps.

AB - Attacks on systems and organisations increasingly exploit human actors, for example through social engineering, complicating their formal treatment and automatic identi﬿cation. Formalisation of human behaviour is diﬃcult at best, and attacks on socio-technical systems are still mostly identi﬿ed through brainstorming of experts. In this work we formalize attack tree generation including human factors; based on recent advances in system models we develop a technique to identify possible attacks analytically, including technical and human factors. Our systematic attack generation is based on invalidating policies in the sys- tem model by identifying possible sequences of actions that lead to an attack. The generated attacks are precise enough to illustrate the threat, and they are general enough to hide the details of individual steps.

KW - Attack Tree Generation

KW - Policy Invalidation

KW - EC Grant Agreement nr.: FP7/2007-2013

KW - EC Grant Agreement nr.: FP7/318003

U2 - 10.1007/978-3-319-24018-3_16

DO - 10.1007/978-3-319-24018-3_16

M3 - Conference contribution

SN - 9783319240183

T3 - Lecture Notes in Computer Science

SP - 249

EP - 259

BT - 9th IFIP WG 11.2 International Conference on Information Security Theory and Practice, WISTP 2015

A2 - Naeem Akram, R.

A2 - Jajodia, S.

PB - Springer

CY - Berlin

T2 - 9th IFIP WG 11.2 International Conference on Information Security Theory and Practice, WISTP 2015

Y2 - 24 August 2015 through 25 August 2015

ER -

Attack Tree Generation by Policy Invalidation

Abstract

Publication series

Conference

Keywords

Access to Document

Fingerprint

Cite this