Time dependent analysis with dynamic counter measure trees

Rajesh Kumar, Dennis Guck, Mariëlle Ida Antoinette Stoelinga

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The success of a security attack crucially depends on time: the more time available to the attacker, the higher the probability of a successful attack. Formalisms such as Reliability block diagrams, Reliability graphs and Attack Countermeasure trees provide quantitative information about attack scenarios, but they are provably insufficient to model dependent actions which involve costs, skills, and time. In this presentation, we extend the Attack Countermeasure trees with a notion of time; inspired by the fact that there is a strong correlation between the amount of resources in which the attacker invests (in this case time) and probability that an attacker succeeds. This allows for an effective selection of countermeasures and rank them according to their resource consumption in terms of costs/skills of installing them and effectiveness in preventing an attack.
LanguageUndefined
Title of host publicationProceedings of the 13th Workshop on Quantitative Aspects of Programming Languages and Systems (QAPL 2015)
Place of PublicationFrance
PublisherINRIA
Pages1-5
Number of pages4
ISBN (Print)not assigned
StatePublished - Apr 2015

Publication series

Name
PublisherInria

Keywords

  • EC Grant Agreement nr.: FP7/2007-2013
  • EC Grant Agreement nr.: FP7/318003
  • EWI-25984
  • IR-97667
  • Counter measure trees
  • time dependent analysis
  • METIS-312583
  • Attack trees

Cite this

Kumar, R., Guck, D., & Stoelinga, M. I. A. (2015). Time dependent analysis with dynamic counter measure trees. In Proceedings of the 13th Workshop on Quantitative Aspects of Programming Languages and Systems (QAPL 2015) (pp. 1-5). France: INRIA.
Kumar, Rajesh ; Guck, Dennis ; Stoelinga, Mariëlle Ida Antoinette. / Time dependent analysis with dynamic counter measure trees. Proceedings of the 13th Workshop on Quantitative Aspects of Programming Languages and Systems (QAPL 2015). France : INRIA, 2015. pp. 1-5
@inproceedings{ac9a561b88474c138bcaf93a782b7b52,
title = "Time dependent analysis with dynamic counter measure trees",
abstract = "The success of a security attack crucially depends on time: the more time available to the attacker, the higher the probability of a successful attack. Formalisms such as Reliability block diagrams, Reliability graphs and Attack Countermeasure trees provide quantitative information about attack scenarios, but they are provably insufficient to model dependent actions which involve costs, skills, and time. In this presentation, we extend the Attack Countermeasure trees with a notion of time; inspired by the fact that there is a strong correlation between the amount of resources in which the attacker invests (in this case time) and probability that an attacker succeeds. This allows for an effective selection of countermeasures and rank them according to their resource consumption in terms of costs/skills of installing them and effectiveness in preventing an attack.",
keywords = "EC Grant Agreement nr.: FP7/2007-2013, EC Grant Agreement nr.: FP7/318003, EWI-25984, IR-97667, Counter measure trees, time dependent analysis, METIS-312583, Attack trees",
author = "Rajesh Kumar and Dennis Guck and Stoelinga, {Mari{\"e}lle Ida Antoinette}",
note = "Foreground = 80{\%} ; Type of activity = Workshop ; Main leader = UT ; Type of audience = scientific community ; Size of audience = 30 ; Countries addressed = international ;",
year = "2015",
month = "4",
language = "Undefined",
isbn = "not assigned",
publisher = "INRIA",
pages = "1--5",
booktitle = "Proceedings of the 13th Workshop on Quantitative Aspects of Programming Languages and Systems (QAPL 2015)",

}

Kumar, R, Guck, D & Stoelinga, MIA 2015, Time dependent analysis with dynamic counter measure trees. in Proceedings of the 13th Workshop on Quantitative Aspects of Programming Languages and Systems (QAPL 2015). INRIA, France, pp. 1-5.

Time dependent analysis with dynamic counter measure trees. / Kumar, Rajesh; Guck, Dennis; Stoelinga, Mariëlle Ida Antoinette.

Proceedings of the 13th Workshop on Quantitative Aspects of Programming Languages and Systems (QAPL 2015). France : INRIA, 2015. p. 1-5.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Time dependent analysis with dynamic counter measure trees

AU - Kumar,Rajesh

AU - Guck,Dennis

AU - Stoelinga,Mariëlle Ida Antoinette

N1 - Foreground = 80% ; Type of activity = Workshop ; Main leader = UT ; Type of audience = scientific community ; Size of audience = 30 ; Countries addressed = international ;

PY - 2015/4

Y1 - 2015/4

N2 - The success of a security attack crucially depends on time: the more time available to the attacker, the higher the probability of a successful attack. Formalisms such as Reliability block diagrams, Reliability graphs and Attack Countermeasure trees provide quantitative information about attack scenarios, but they are provably insufficient to model dependent actions which involve costs, skills, and time. In this presentation, we extend the Attack Countermeasure trees with a notion of time; inspired by the fact that there is a strong correlation between the amount of resources in which the attacker invests (in this case time) and probability that an attacker succeeds. This allows for an effective selection of countermeasures and rank them according to their resource consumption in terms of costs/skills of installing them and effectiveness in preventing an attack.

AB - The success of a security attack crucially depends on time: the more time available to the attacker, the higher the probability of a successful attack. Formalisms such as Reliability block diagrams, Reliability graphs and Attack Countermeasure trees provide quantitative information about attack scenarios, but they are provably insufficient to model dependent actions which involve costs, skills, and time. In this presentation, we extend the Attack Countermeasure trees with a notion of time; inspired by the fact that there is a strong correlation between the amount of resources in which the attacker invests (in this case time) and probability that an attacker succeeds. This allows for an effective selection of countermeasures and rank them according to their resource consumption in terms of costs/skills of installing them and effectiveness in preventing an attack.

KW - EC Grant Agreement nr.: FP7/2007-2013

KW - EC Grant Agreement nr.: FP7/318003

KW - EWI-25984

KW - IR-97667

KW - Counter measure trees

KW - time dependent analysis

KW - METIS-312583

KW - Attack trees

M3 - Conference contribution

SN - not assigned

SP - 1

EP - 5

BT - Proceedings of the 13th Workshop on Quantitative Aspects of Programming Languages and Systems (QAPL 2015)

PB - INRIA

CY - France

ER -

Kumar R, Guck D, Stoelinga MIA. Time dependent analysis with dynamic counter measure trees. In Proceedings of the 13th Workshop on Quantitative Aspects of Programming Languages and Systems (QAPL 2015). France: INRIA. 2015. p. 1-5.