Transforming Graphical System Models To Graphical Attack Models

Marieta Georgieva Ivanova, Christian W. Probst, René Rydhof Hansen, Florian Kammüller

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    19 Citations (Scopus)
    98 Downloads (Pure)

    Abstract

    Manually identifying possible attacks on an organisation is a complex undertaking; many different factors must be considered, and the resulting attack scenarios can be complex and hard to maintain as the organisation changes. System models provide a systematic representation of organisations that helps in structuring attack identification and can integrate physical, virtual, and social components. These models form a solid basis for guiding the manual identification of attack scenarios. Their main benefit, however, is in the analytic generation of attacks. In this work we present a systematic approach to transforming graphical system models to graphical attack models in the form of attack trees. Based on an asset in the model, our transformations result in an attack tree that represents attacks by all possible actors in the model, after which the actor in question has obtained the asset.
    Original languageEnglish
    Title of host publicationGraphical Models for Security
    Subtitle of host publicationSecond International Workshop, GraMSec 2015, Verona, Italy, July 13, 2015, Revised Selected Papers
    EditorsSjouke Mauw, Barbara Kordy, Sushil Jajodia
    Place of PublicationLondon
    PublisherSpringer
    Pages82-96
    Number of pages2
    ISBN (Electronic)978-3-319-29968-6
    ISBN (Print)978-3-319-29967-9
    DOIs
    Publication statusPublished - 13 Jul 2015
    Event2nd International Workshop on Graphical Models for Security, GraMSec 2015 - Verona, Italy
    Duration: 13 Jul 201513 Jul 2015
    Conference number: 2

    Publication series

    NameLecture notes in computer science
    PublisherSpringer
    Volume9390
    ISSN (Print)0302-9743
    ISSN (Electronic)1611-3349

    Workshop

    Workshop2nd International Workshop on Graphical Models for Security, GraMSec 2015
    Abbreviated titleGraMSec
    CountryItaly
    CityVerona
    Period13/07/1513/07/15

    Keywords

    • EC Grant Agreement nr.: FP7/2007-2013
    • EC Grant Agreement nr.: FP7/318003

    Fingerprint Dive into the research topics of 'Transforming Graphical System Models To Graphical Attack Models'. Together they form a unique fingerprint.

    Cite this