Efficient Algorithms for Quantitative Attack Tree Analysis

Carlos E. Budde; Mariëlle Stoelinga

doi:10.48550/arXiv.2105.07511

Efficient Algorithms for Quantitative Attack Tree Analysis

Carlos E. Budde
, Mariëlle Stoelinga

Research output: Working paper › Preprint › Academic

64 Downloads (Pure)

Abstract

Numerous analysis methods for quantitative attack tree analysis have been proposed. These algorithms compute relevant security metrics, i.e. performance indicators that quantify how good the security of a system is, such as the most likely attack, the cheapest, or the most damaging one. This paper classifies attack trees in two dimensions: proper trees vs. directed acyclic graphs (i.e. with shared subtrees); and static vs. dynamic gates. For each class, we propose novel algorithms that work over a generic attribute domain, encompassing a large number of concrete security metrics defined on the attack tree semantics. We also analyse the computational complexity of our methods.

Original language	English
DOIs	https://doi.org/10.48550/arXiv.2105.07511
Publication status	Published - 16 May 2021

Keywords

cs.CR
cs.DS
F.1.0; F.2.2; G.2.3

Access to Document

10.48550/arXiv.2105.07511Licence: CC BY-SA

2105.07511v2Final published version, 1.13 MBLicence: CC BY-SA

1 Conference contribution

Efficient Algorithms for Quantitative Attack Tree Analysis
Budde, C. E. & Stoelinga, M., 10 Aug 2021, 2021 IEEE 34th Computer Security Foundations Symposium (CSF).
Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

Open Access
File
10 Citations (Scopus)

161 Downloads (Pure)

Cite this

@techreport{999785023ff34536a2431725d091cf82,

title = "Efficient Algorithms for Quantitative Attack Tree Analysis",

abstract = " Numerous analysis methods for quantitative attack tree analysis have been proposed. These algorithms compute relevant security metrics, i.e. performance indicators that quantify how good the security of a system is, such as the most likely attack, the cheapest, or the most damaging one. This paper classifies attack trees in two dimensions: proper trees vs. directed acyclic graphs (i.e. with shared subtrees); and static vs. dynamic gates. For each class, we propose novel algorithms that work over a generic attribute domain, encompassing a large number of concrete security metrics defined on the attack tree semantics. We also analyse the computational complexity of our methods. ",

keywords = "cs.CR, cs.DS, F.1.0; F.2.2; G.2.3",

author = "Budde, \{Carlos E.\} and Mari{\"e}lle Stoelinga",

note = "Public version of CSF'21 paper, including an appendix with all proofs of lemmas and theorems",

year = "2021",

month = may,

day = "16",

doi = "10.48550/arXiv.2105.07511",

language = "English",

type = "WorkingPaper",

}

TY - UNPB

T1 - Efficient Algorithms for Quantitative Attack Tree Analysis

AU - Budde, Carlos E.

AU - Stoelinga, Mariëlle

N1 - Public version of CSF'21 paper, including an appendix with all proofs of lemmas and theorems

PY - 2021/5/16

Y1 - 2021/5/16

N2 - Numerous analysis methods for quantitative attack tree analysis have been proposed. These algorithms compute relevant security metrics, i.e. performance indicators that quantify how good the security of a system is, such as the most likely attack, the cheapest, or the most damaging one. This paper classifies attack trees in two dimensions: proper trees vs. directed acyclic graphs (i.e. with shared subtrees); and static vs. dynamic gates. For each class, we propose novel algorithms that work over a generic attribute domain, encompassing a large number of concrete security metrics defined on the attack tree semantics. We also analyse the computational complexity of our methods.

AB - Numerous analysis methods for quantitative attack tree analysis have been proposed. These algorithms compute relevant security metrics, i.e. performance indicators that quantify how good the security of a system is, such as the most likely attack, the cheapest, or the most damaging one. This paper classifies attack trees in two dimensions: proper trees vs. directed acyclic graphs (i.e. with shared subtrees); and static vs. dynamic gates. For each class, we propose novel algorithms that work over a generic attribute domain, encompassing a large number of concrete security metrics defined on the attack tree semantics. We also analyse the computational complexity of our methods.

KW - cs.CR

KW - cs.DS

KW - F.1.0; F.2.2; G.2.3

U2 - 10.48550/arXiv.2105.07511

DO - 10.48550/arXiv.2105.07511

M3 - Preprint

BT - Efficient Algorithms for Quantitative Attack Tree Analysis

ER -

Efficient Algorithms for Quantitative Attack Tree Analysis

Abstract

Keywords

Access to Document

Fingerprint

Research output

Efficient Algorithms for Quantitative Attack Tree Analysis

Cite this