Pareto Efficient Solution of Attack-Defence Trees

Zaruhi Aslanyan; Flemming Nielson

doi:10.1007/978-3-662-46666-7_6

Pareto Efficient Solution of Attack-Defence Trees

Zaruhi Aslanyan
, Flemming Nielson

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

47 Citations (Scopus)

1 Downloads (Pure)

Abstract

Attack-defence trees are a promising approach for representing threat scenarios and possible countermeasures in a concise and intuitive manner. An attack-defence tree describes the interaction between an attacker and a defender, and is evaluated by assigning parameters to the nodes, such as probability or cost of attacks and defences. In case of multiple parameters most analytical methods optimise one parameter at a time, e.g., minimise cost or maximise probability of an attack. Such methods may lead to sub-optimal solutions when optimising conflicting parameters, e.g., minimising cost while maximising probability. In order to tackle this challenge, we devise automated techniques that optimise all parameters at once. Moreover, in the case of conflicting parameters our techniques compute the set of all optimal solutions, defined in terms of Pareto efficiency. The developments are carried out on a new and general formalism for attack-defence trees.

Original language	English
Title of host publication	4th International Conference on Principles of Security and Trust, POST 2015
Editors	Riccardo Focardi, Andrew Myers
Place of Publication	Berlin, Heidelberg
Publisher	Springer
Pages	95-114
Number of pages	20
ISBN (Electronic)	978-3-662-46666-7
ISBN (Print)	978-3-662-46665-0
DOIs	https://doi.org/10.1007/978-3-662-46666-7_6
Publication status	Published - Apr 2015
Event	4th International Conference on Principles of Security and Trust, POST 2015 - London, United Kingdom Duration: 11 Apr 2015 → 18 Apr 2015 Conference number: 4

Publication series

Name	Lecture notes in computer science
Publisher	Springer Verlag
Volume	9036
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	4th International Conference on Principles of Security and Trust, POST 2015
Abbreviated title	POST
Country/Territory	United Kingdom
City	London
Period	11/04/15 → 18/04/15

Keywords

EC Grant Agreement nr.: FP7/2007-2013
EC Grant Agreement nr.: FP7/318003
Multiple criteria
Countermeasures
Pareto efficiency
Attack trees
Attack-defence trees
Security assessment

Access to Document

10.1007/978-3-662-46666-7_6

Cite this

@inproceedings{7be4f0859bd246afa873eba78f9f3a42,

title = "Pareto Efficient Solution of Attack-Defence Trees",

abstract = "Attack-defence trees are a promising approach for representing threat scenarios and possible countermeasures in a concise and intuitive manner. An attack-defence tree describes the interaction between an attacker and a defender, and is evaluated by assigning parameters to the nodes, such as probability or cost of attacks and defences. In case of multiple parameters most analytical methods optimise one parameter at a time, e.g., minimise cost or maximise probability of an attack. Such methods may lead to sub-optimal solutions when optimising conflicting parameters, e.g., minimising cost while maximising probability. In order to tackle this challenge, we devise automated techniques that optimise all parameters at once. Moreover, in the case of conflicting parameters our techniques compute the set of all optimal solutions, defined in terms of Pareto efficiency. The developments are carried out on a new and general formalism for attack-defence trees.",

keywords = "EC Grant Agreement nr.: FP7/2007-2013, EC Grant Agreement nr.: FP7/318003, Multiple criteria, Countermeasures, Pareto efficiency, Attack trees, Attack-defence trees, Security assessment",

author = "Zaruhi Aslanyan and Flemming Nielson",

year = "2015",

month = apr,

doi = "10.1007/978-3-662-46666-7\_6",

language = "English",

isbn = "978-3-662-46665-0",

series = "Lecture notes in computer science",

publisher = "Springer",

pages = "95--114",

editor = "Riccardo Focardi and Andrew Myers",

booktitle = "4th International Conference on Principles of Security and Trust, POST 2015",

address = "Germany",

note = "4th International Conference on Principles of Security and Trust, POST 2015, POST ; Conference date: 11-04-2015 Through 18-04-2015",

}

Aslanyan, Z & Nielson, F 2015, Pareto Efficient Solution of Attack-Defence Trees. in R Focardi & A Myers (eds), 4th International Conference on Principles of Security and Trust, POST 2015. Lecture notes in computer science, vol. 9036, Springer, Berlin, Heidelberg, pp. 95-114, 4th International Conference on Principles of Security and Trust, POST 2015, London, United Kingdom, 11/04/15. https://doi.org/10.1007/978-3-662-46666-7_6

Pareto Efficient Solution of Attack-Defence Trees. / Aslanyan, Zaruhi; Nielson, Flemming.
4th International Conference on Principles of Security and Trust, POST 2015. ed. / Riccardo Focardi; Andrew Myers. Berlin, Heidelberg: Springer, 2015. p. 95-114 (Lecture notes in computer science; Vol. 9036).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Pareto Efficient Solution of Attack-Defence Trees

AU - Aslanyan, Zaruhi

AU - Nielson, Flemming

N1 - Conference code: 4

PY - 2015/4

Y1 - 2015/4

N2 - Attack-defence trees are a promising approach for representing threat scenarios and possible countermeasures in a concise and intuitive manner. An attack-defence tree describes the interaction between an attacker and a defender, and is evaluated by assigning parameters to the nodes, such as probability or cost of attacks and defences. In case of multiple parameters most analytical methods optimise one parameter at a time, e.g., minimise cost or maximise probability of an attack. Such methods may lead to sub-optimal solutions when optimising conflicting parameters, e.g., minimising cost while maximising probability. In order to tackle this challenge, we devise automated techniques that optimise all parameters at once. Moreover, in the case of conflicting parameters our techniques compute the set of all optimal solutions, defined in terms of Pareto efficiency. The developments are carried out on a new and general formalism for attack-defence trees.

AB - Attack-defence trees are a promising approach for representing threat scenarios and possible countermeasures in a concise and intuitive manner. An attack-defence tree describes the interaction between an attacker and a defender, and is evaluated by assigning parameters to the nodes, such as probability or cost of attacks and defences. In case of multiple parameters most analytical methods optimise one parameter at a time, e.g., minimise cost or maximise probability of an attack. Such methods may lead to sub-optimal solutions when optimising conflicting parameters, e.g., minimising cost while maximising probability. In order to tackle this challenge, we devise automated techniques that optimise all parameters at once. Moreover, in the case of conflicting parameters our techniques compute the set of all optimal solutions, defined in terms of Pareto efficiency. The developments are carried out on a new and general formalism for attack-defence trees.

KW - EC Grant Agreement nr.: FP7/2007-2013

KW - EC Grant Agreement nr.: FP7/318003

KW - Multiple criteria

KW - Countermeasures

KW - Pareto efficiency

KW - Attack trees

KW - Attack-defence trees

KW - Security assessment

U2 - 10.1007/978-3-662-46666-7_6

DO - 10.1007/978-3-662-46666-7_6

M3 - Conference contribution

SN - 978-3-662-46665-0

T3 - Lecture notes in computer science

SP - 95

EP - 114

BT - 4th International Conference on Principles of Security and Trust, POST 2015

A2 - Focardi, Riccardo

A2 - Myers, Andrew

PB - Springer

CY - Berlin, Heidelberg

T2 - 4th International Conference on Principles of Security and Trust, POST 2015

Y2 - 11 April 2015 through 18 April 2015

ER -

Pareto Efficient Solution of Attack-Defence Trees

Abstract

Publication series

Conference

Keywords

Access to Document

Fingerprint

Cite this