Bridging Two Worlds: Reconciling Practical Risk Assessment Methodologies with Theory of Attack Trees

Olga Gadyatskaya; Carlo Harpes; Sjouke Mauw; Cedric Muller; Steve Muller

doi:10.1007/978-3-319-46263-9_5

Bridging Two Worlds: Reconciling Practical Risk Assessment Methodologies with Theory of Attack Trees

Olga Gadyatskaya, Carlo Harpes, Sjouke Mauw, Cedric Muller, Steve Muller

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

11 Citations (Scopus)

Abstract

Security risk treatment often requires a complex cost-benefit analysis to be carried out in order to select countermeasures that optimally reduce risks while having minimal costs. According to ISO/IEC 27001, risk treatment relies on catalogues of countermeasures, and the analysts are expected to estimate the residual risks. At the same time, recent advancements in attack tree theory provide elegant solutions to this optimization problem. In this paper we propose to bridge the gap between these two worlds by introducing optimal countermeasure selection problem on attack-defense trees into the TRICK security risk assessment methodology.

Original language	English
Title of host publication	Graphical Models for Security
Subtitle of host publication	Third International Workshop, GraMSec 2016, Lisbon, Portugal, June 27, 2016, Revised Selected Papers
Editors	Barbara Kordy, Mathias Ekstedt, Dong Seong Kim
Place of Publication	Cham
Publisher	Springer
Pages	80-93
Number of pages	14
ISBN (Electronic)	978-3-319-46263-9
ISBN (Print)	978-3-319-46262-2
DOIs	https://doi.org/10.1007/978-3-319-46263-9_5
Publication status	Published - 8 Sep 2016
Event	3rd International Workshop on Graphical Models for Security, GraMSec 2016 - Lisbon, Portugal Duration: 27 Jun 2016 → 27 Jun 2016 Conference number: 3

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	9987
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Name	Security and Cryptology
Publisher	Springer

Workshop

Workshop	3rd International Workshop on Graphical Models for Security, GraMSec 2016
Abbreviated title	GraMSec
Country/Territory	Portugal
City	Lisbon
Period	27/06/16 → 27/06/16

Keywords

EC Grant Agreement nr.: FP7/318003
EC Grant Agreement nr.: FP7/2007–2013
IR-101549
METIS-318530
EWI-27242

Access to Document

10.1007/978-3-319-46263-9_5

Cite this

Gadyatskaya, O., Harpes, C., Mauw, S., Muller, C., & Muller, S. (2016). Bridging Two Worlds: Reconciling Practical Risk Assessment Methodologies with Theory of Attack Trees. In B. Kordy, M. Ekstedt, & D. S. Kim (Eds.), Graphical Models for Security: Third International Workshop, GraMSec 2016, Lisbon, Portugal, June 27, 2016, Revised Selected Papers (pp. 80-93). (Lecture Notes in Computer Science; Vol. 9987), (Security and Cryptology). Springer. https://doi.org/10.1007/978-3-319-46263-9_5

Gadyatskaya, Olga ; Harpes, Carlo ; Mauw, Sjouke et al. / Bridging Two Worlds : Reconciling Practical Risk Assessment Methodologies with Theory of Attack Trees. Graphical Models for Security: Third International Workshop, GraMSec 2016, Lisbon, Portugal, June 27, 2016, Revised Selected Papers. editor / Barbara Kordy ; Mathias Ekstedt ; Dong Seong Kim. Cham : Springer, 2016. pp. 80-93 (Lecture Notes in Computer Science). (Security and Cryptology).

@inproceedings{9e88265a01c84b5b927267c4fb3655ce,

title = "Bridging Two Worlds: Reconciling Practical Risk Assessment Methodologies with Theory of Attack Trees",

abstract = "Security risk treatment often requires a complex cost-benefit analysis to be carried out in order to select countermeasures that optimally reduce risks while having minimal costs. According to ISO/IEC 27001, risk treatment relies on catalogues of countermeasures, and the analysts are expected to estimate the residual risks. At the same time, recent advancements in attack tree theory provide elegant solutions to this optimization problem. In this paper we propose to bridge the gap between these two worlds by introducing optimal countermeasure selection problem on attack-defense trees into the TRICK security risk assessment methodology.",

keywords = "EC Grant Agreement nr.: FP7/318003, EC Grant Agreement nr.: FP7/2007–2013, IR-101549, METIS-318530, EWI-27242",

author = "Olga Gadyatskaya and Carlo Harpes and Sjouke Mauw and Cedric Muller and Steve Muller",

note = "eemcs-eprint-27242 ; 3rd International Workshop on Graphical Models for Security, GraMSec 2016, GraMSec ; Conference date: 27-06-2016 Through 27-06-2016",

year = "2016",

month = sep,

day = "8",

doi = "10.1007/978-3-319-46263-9_5",

language = "English",

isbn = "978-3-319-46262-2",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "80--93",

editor = "Barbara Kordy and Mathias Ekstedt and Kim, {Dong Seong}",

booktitle = "Graphical Models for Security",

}

Gadyatskaya, O, Harpes, C, Mauw, S, Muller, C & Muller, S 2016, Bridging Two Worlds: Reconciling Practical Risk Assessment Methodologies with Theory of Attack Trees. in B Kordy, M Ekstedt & DS Kim (eds), Graphical Models for Security: Third International Workshop, GraMSec 2016, Lisbon, Portugal, June 27, 2016, Revised Selected Papers. Lecture Notes in Computer Science, vol. 9987, Security and Cryptology, Springer, Cham, pp. 80-93, 3rd International Workshop on Graphical Models for Security, GraMSec 2016, Lisbon, Portugal, 27/06/16. https://doi.org/10.1007/978-3-319-46263-9_5

Bridging Two Worlds : Reconciling Practical Risk Assessment Methodologies with Theory of Attack Trees. / Gadyatskaya, Olga; Harpes, Carlo; Mauw, Sjouke et al.

Graphical Models for Security: Third International Workshop, GraMSec 2016, Lisbon, Portugal, June 27, 2016, Revised Selected Papers. ed. / Barbara Kordy; Mathias Ekstedt; Dong Seong Kim. Cham : Springer, 2016. p. 80-93 (Lecture Notes in Computer Science; Vol. 9987), (Security and Cryptology).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Bridging Two Worlds

T2 - 3rd International Workshop on Graphical Models for Security, GraMSec 2016

AU - Gadyatskaya, Olga

AU - Harpes, Carlo

AU - Mauw, Sjouke

AU - Muller, Cedric

AU - Muller, Steve

N1 - Conference code: 3

PY - 2016/9/8

Y1 - 2016/9/8

N2 - Security risk treatment often requires a complex cost-benefit analysis to be carried out in order to select countermeasures that optimally reduce risks while having minimal costs. According to ISO/IEC 27001, risk treatment relies on catalogues of countermeasures, and the analysts are expected to estimate the residual risks. At the same time, recent advancements in attack tree theory provide elegant solutions to this optimization problem. In this paper we propose to bridge the gap between these two worlds by introducing optimal countermeasure selection problem on attack-defense trees into the TRICK security risk assessment methodology.

AB - Security risk treatment often requires a complex cost-benefit analysis to be carried out in order to select countermeasures that optimally reduce risks while having minimal costs. According to ISO/IEC 27001, risk treatment relies on catalogues of countermeasures, and the analysts are expected to estimate the residual risks. At the same time, recent advancements in attack tree theory provide elegant solutions to this optimization problem. In this paper we propose to bridge the gap between these two worlds by introducing optimal countermeasure selection problem on attack-defense trees into the TRICK security risk assessment methodology.

KW - EC Grant Agreement nr.: FP7/318003

KW - EC Grant Agreement nr.: FP7/2007–2013

KW - IR-101549

KW - METIS-318530

KW - EWI-27242

U2 - 10.1007/978-3-319-46263-9_5

DO - 10.1007/978-3-319-46263-9_5

M3 - Conference contribution

SN - 978-3-319-46262-2

T3 - Lecture Notes in Computer Science

SP - 80

EP - 93

BT - Graphical Models for Security

A2 - Kordy, Barbara

A2 - Ekstedt, Mathias

A2 - Kim, Dong Seong

PB - Springer

CY - Cham

Y2 - 27 June 2016 through 27 June 2016

ER -

Gadyatskaya O, Harpes C, Mauw S, Muller C, Muller S. Bridging Two Worlds: Reconciling Practical Risk Assessment Methodologies with Theory of Attack Trees. In Kordy B, Ekstedt M, Kim DS, editors, Graphical Models for Security: Third International Workshop, GraMSec 2016, Lisbon, Portugal, June 27, 2016, Revised Selected Papers. Cham: Springer. 2016. p. 80-93. (Lecture Notes in Computer Science). (Security and Cryptology). doi: 10.1007/978-3-319-46263-9_5

Bridging Two Worlds: Reconciling Practical Risk Assessment Methodologies with Theory of Attack Trees

Abstract

Publication series

Workshop

Keywords

Access to Document

Fingerprint

Cite this