Calculating Adversarial Risk from Attack Trees: Control Strength and Probabilistic Attackers

Wolter Pieters; Mohsen Davarynejad

doi:10.1007/978-3-319-17016-9_13

Calculating Adversarial Risk from Attack Trees: Control Strength and Probabilistic Attackers

Wolter Pieters, Mohsen Davarynejad

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

7 Citations (Scopus)

Abstract

Attack trees are a well-known formalism for quantitative analysis of cyber attacks consisting of multiple steps and alternative paths. It is possible to derive properties of the overall attacks from properties of individual steps, such as cost for the attacker and probability of success. However, in existing formalisms, such properties are considered independent. For example, investing more in an attack step would not increase the probability of success. As this seems counterintuitive, we introduce a framework for reasoning about attack trees based on the notion of control strength, annotating nodes with a function from attacker investment to probability of success. Calculation rules on such trees are defined to enable analysis of optimal attacker investment. Our second result consists of the translation of optimal attacker investment into the associated adversarial risk, yielding what we call adversarial risk trees. The third result is the introduction of probabilistic attacker strate- gies, based on the fitness (utility) of available scenarios. Together these contributions improve the possibilities for using attack trees in adversarial risk analysis.

Original language	English
Title of host publication	Data Privacy Management, Autonomous Spontaneous Security, and Security Assurance
Subtitle of host publication	9th International Workshop, DPM 2014, 7th International Workshop, SETOP 2014, and 3rd International Workshop, QASA 2014, Wroclaw, Poland, September 10-11, 2014. Revised Selected Papers
Editors	Joaquin Garcia-Alfaro, Jordi Herrera-Joancomartí, Emil Lupu, Joachim Posegga
Place of Publication	Berlin
Publisher	Springer
Pages	201-215
Number of pages	15
ISBN (Electronic)	978-3-319-17016-9
ISBN (Print)	978-3-319-17015-2
DOIs	https://doi.org/10.1007/978-3-319-17016-9_13
Publication status	Published - 28 Mar 2015
Event	3rd International Workshop on Quantitative Aspects in Security Assurance, QASA 2014 - Wraclaw, Poland Duration: 10 Sep 2014 → 11 Sep 2014 Conference number: 3

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	8872
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Workshop

Workshop	3rd International Workshop on Quantitative Aspects in Security Assurance, QASA 2014
Abbreviated title	QASA
Country	Poland
City	Wraclaw
Period	10/09/14 → 11/09/14

Fingerprint

Trees (mathematics)

Risk analysis

Chemical analysis

Costs

Keywords

EC Grant Agreement nr.: FP7/318003
SCS-cybersecurity
EC Grant Agreement nr.: FP7/2007-2013
Control strength
Security metrics
Adversarial risk analysis
Attack trees
Attacker models
Fitness functions
Simulation

Cite this

Pieters, W., & Davarynejad, M. (2015). Calculating Adversarial Risk from Attack Trees: Control Strength and Probabilistic Attackers. In J. Garcia-Alfaro, J. Herrera-Joancomartí, E. Lupu, & J. Posegga (Eds.), Data Privacy Management, Autonomous Spontaneous Security, and Security Assurance: 9th International Workshop, DPM 2014, 7th International Workshop, SETOP 2014, and 3rd International Workshop, QASA 2014, Wroclaw, Poland, September 10-11, 2014. Revised Selected Papers (pp. 201-215). (Lecture Notes in Computer Science; Vol. 8872). Berlin: Springer. https://doi.org/10.1007/978-3-319-17016-9_13

Pieters, Wolter ; Davarynejad, Mohsen. / Calculating Adversarial Risk from Attack Trees : Control Strength and Probabilistic Attackers. Data Privacy Management, Autonomous Spontaneous Security, and Security Assurance: 9th International Workshop, DPM 2014, 7th International Workshop, SETOP 2014, and 3rd International Workshop, QASA 2014, Wroclaw, Poland, September 10-11, 2014. Revised Selected Papers. editor / Joaquin Garcia-Alfaro ; Jordi Herrera-Joancomartí ; Emil Lupu ; Joachim Posegga. Berlin : Springer, 2015. pp. 201-215 (Lecture Notes in Computer Science).

@inproceedings{95b197488b0746b2a7eee00fe1169d38,

title = "Calculating Adversarial Risk from Attack Trees: Control Strength and Probabilistic Attackers",

abstract = "Attack trees are a well-known formalism for quantitative analysis of cyber attacks consisting of multiple steps and alternative paths. It is possible to derive properties of the overall attacks from properties of individual steps, such as cost for the attacker and probability of success. However, in existing formalisms, such properties are considered independent. For example, investing more in an attack step would not increase the probability of success. As this seems counterintuitive, we introduce a framework for reasoning about attack trees based on the notion of control strength, annotating nodes with a function from attacker investment to probability of success. Calculation rules on such trees are defined to enable analysis of optimal attacker investment. Our second result consists of the translation of optimal attacker investment into the associated adversarial risk, yielding what we call adversarial risk trees. The third result is the introduction of probabilistic attacker strate- gies, based on the fitness (utility) of available scenarios. Together these contributions improve the possibilities for using attack trees in adversarial risk analysis.",

keywords = "EC Grant Agreement nr.: FP7/318003, SCS-cybersecurity, EC Grant Agreement nr.: FP7/2007-2013, Control strength, Security metrics, Adversarial risk analysis, Attack trees, Attacker models, Fitness functions, Simulation",

author = "Wolter Pieters and Mohsen Davarynejad",

note = "Foreground = 100{\%}; Type of activity = Conference; Main leader = TUD; Type of audience = Scientific community; Size of audience = 20; Countries addressed = International;",

year = "2015",

month = "3",

day = "28",

doi = "10.1007/978-3-319-17016-9_13",

language = "English",

isbn = "978-3-319-17015-2",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "201--215",

editor = "Joaquin Garcia-Alfaro and Jordi Herrera-Joancomart{\'i} and Emil Lupu and Joachim Posegga",

booktitle = "Data Privacy Management, Autonomous Spontaneous Security, and Security Assurance",

}

Pieters, W & Davarynejad, M 2015, Calculating Adversarial Risk from Attack Trees: Control Strength and Probabilistic Attackers. in J Garcia-Alfaro, J Herrera-Joancomartí, E Lupu & J Posegga (eds), Data Privacy Management, Autonomous Spontaneous Security, and Security Assurance: 9th International Workshop, DPM 2014, 7th International Workshop, SETOP 2014, and 3rd International Workshop, QASA 2014, Wroclaw, Poland, September 10-11, 2014. Revised Selected Papers. Lecture Notes in Computer Science, vol. 8872, Springer, Berlin, pp. 201-215, 3rd International Workshop on Quantitative Aspects in Security Assurance, QASA 2014, Wraclaw, Poland, 10/09/14. https://doi.org/10.1007/978-3-319-17016-9_13

Calculating Adversarial Risk from Attack Trees : Control Strength and Probabilistic Attackers. / Pieters, Wolter; Davarynejad, Mohsen.

Data Privacy Management, Autonomous Spontaneous Security, and Security Assurance: 9th International Workshop, DPM 2014, 7th International Workshop, SETOP 2014, and 3rd International Workshop, QASA 2014, Wroclaw, Poland, September 10-11, 2014. Revised Selected Papers. ed. / Joaquin Garcia-Alfaro; Jordi Herrera-Joancomartí; Emil Lupu; Joachim Posegga. Berlin : Springer, 2015. p. 201-215 (Lecture Notes in Computer Science; Vol. 8872).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Calculating Adversarial Risk from Attack Trees

T2 - Control Strength and Probabilistic Attackers

AU - Pieters, Wolter

AU - Davarynejad, Mohsen

N1 - Foreground = 100%; Type of activity = Conference; Main leader = TUD; Type of audience = Scientific community; Size of audience = 20; Countries addressed = International;

PY - 2015/3/28

Y1 - 2015/3/28

N2 - Attack trees are a well-known formalism for quantitative analysis of cyber attacks consisting of multiple steps and alternative paths. It is possible to derive properties of the overall attacks from properties of individual steps, such as cost for the attacker and probability of success. However, in existing formalisms, such properties are considered independent. For example, investing more in an attack step would not increase the probability of success. As this seems counterintuitive, we introduce a framework for reasoning about attack trees based on the notion of control strength, annotating nodes with a function from attacker investment to probability of success. Calculation rules on such trees are defined to enable analysis of optimal attacker investment. Our second result consists of the translation of optimal attacker investment into the associated adversarial risk, yielding what we call adversarial risk trees. The third result is the introduction of probabilistic attacker strate- gies, based on the fitness (utility) of available scenarios. Together these contributions improve the possibilities for using attack trees in adversarial risk analysis.

AB - Attack trees are a well-known formalism for quantitative analysis of cyber attacks consisting of multiple steps and alternative paths. It is possible to derive properties of the overall attacks from properties of individual steps, such as cost for the attacker and probability of success. However, in existing formalisms, such properties are considered independent. For example, investing more in an attack step would not increase the probability of success. As this seems counterintuitive, we introduce a framework for reasoning about attack trees based on the notion of control strength, annotating nodes with a function from attacker investment to probability of success. Calculation rules on such trees are defined to enable analysis of optimal attacker investment. Our second result consists of the translation of optimal attacker investment into the associated adversarial risk, yielding what we call adversarial risk trees. The third result is the introduction of probabilistic attacker strate- gies, based on the fitness (utility) of available scenarios. Together these contributions improve the possibilities for using attack trees in adversarial risk analysis.

KW - EC Grant Agreement nr.: FP7/318003

KW - SCS-cybersecurity

KW - EC Grant Agreement nr.: FP7/2007-2013

KW - Control strength

KW - Security metrics

KW - Adversarial risk analysis

KW - Attack trees

KW - Attacker models

KW - Fitness functions

KW - Simulation

U2 - 10.1007/978-3-319-17016-9_13

DO - 10.1007/978-3-319-17016-9_13

M3 - Conference contribution

SN - 978-3-319-17015-2

T3 - Lecture Notes in Computer Science

SP - 201

EP - 215

BT - Data Privacy Management, Autonomous Spontaneous Security, and Security Assurance

A2 - Garcia-Alfaro, Joaquin

A2 - Herrera-Joancomartí, Jordi

A2 - Lupu, Emil

A2 - Posegga, Joachim

PB - Springer

CY - Berlin

ER -

Pieters W, Davarynejad M. Calculating Adversarial Risk from Attack Trees: Control Strength and Probabilistic Attackers. In Garcia-Alfaro J, Herrera-Joancomartí J, Lupu E, Posegga J, editors, Data Privacy Management, Autonomous Spontaneous Security, and Security Assurance: 9th International Workshop, DPM 2014, 7th International Workshop, SETOP 2014, and 3rd International Workshop, QASA 2014, Wroclaw, Poland, September 10-11, 2014. Revised Selected Papers. Berlin: Springer. 2015. p. 201-215. (Lecture Notes in Computer Science). https://doi.org/10.1007/978-3-319-17016-9_13

Access to Document

10.1007/978-3-319-17016-9_13