Regression Nodes: Extending attack trees with data from social sciences

Research output: Chapter in Book/Report/Conference proceeding; Conference contribution; Academic; peer-review

1 Citation (Scopus)

Abstract

In the field of security, attack trees are often used to assess security vulnerabilities probabilistically in relation to multi-step attacks. The nodes are usually connected via AND-gates, where all children must be executed, or via OR-gates, where only one action is necessary for the attack step to succeed. This logic, however, is not suitable for including human interaction such as that of social engineering, because the attacker may combine different persuasion principles to different degrees, with different associated success probabilities. Experimental results in this domain are typically represented by regression equations rather than logical gates. This paper therefore proposes an extension to attack trees involving a regression-node, illustrated by data obtained from a social engineering experiment. By allowing the annotation of leaf nodes with experimental data from social science, the regression-node enables the development of integrated socio-technical security models.
Original language: Undefined
Title of host publication: Proceedings of the Workshop on Socio-Technical Aspects in Security and Trust (STAST 2015)
Place of Publication: Piscataway, New Jersey
Publisher: IEEE Computer Society
Pages: 17-23
Number of pages: 7
ISBN (Print): 978-1-5090-0178-1
DOIs: https://doi.org/10.1109/STAST.2015.11
Publication status: Published - Jul 2015

Publication series

Name
Publisher: IEEE Computer Society

Keywords

  • SCS-Cybersecurity
  • EWI-26273
  • EC Grant Agreement nr.: FP7/318003
  • Social Engineering
  • METIS-312711
  • Regression
  • IR-97196
  • Attack Tree
  • EC Grant Agreement nr.: FP7/2007-2013

Cite this

Bullee, J-W., Montoya, L., Pieters, W., Junger, M., & Hartel, P. H. (2015). Regression Nodes: Extending attack trees with data from social sciences. In Proceedings of the Workshop on Socio-Technical Aspects in Security and Trust (STAST 2015) (pp. 17-23). Piscataway, New Jersey: IEEE Computer Society. https://doi.org/10.1109/STAST.2015.11
Bullee, Jan-Willem ; Montoya, L. ; Pieters, Wolter ; Junger, Marianne ; Hartel, Pieter H. / Regression Nodes: Extending attack trees with data from social sciences. Proceedings of the Workshop on Socio-Technical Aspects in Security and Trust (STAST 2015). Piscataway, New Jersey : IEEE Computer Society, 2015. pp. 17-23