Securing automated teller machines (ATMs), as critical and complex infrastructure, requires a precise understanding of the associated threats. This paper reports on the application of attack-defense trees to model and analyze the security of ATMs.We capture the most dangerous multi-stage attack scenarios applicable to ATM structures, and establish a practical experience report, where we re ect on the process of modeling ATM threats via attack-defense trees. In particular, we share our insights into the benets and drawbacks of attack-defense tree modeling, as well as best practices and lessons learned.
|Title of host publication||9th IFIP WG 8.1 Working Conference on The Practice of Enterprise Modeling (PoEM)|
|Place of Publication||Berlin|
|Number of pages||9|
|Publication status||Published - 2016|
|Name||Lecture Notes in Business Information Processing|
- EC Grant Agreement nr.: FP7/2007-2013
- EC Grant Agreement nr.: FP7/318003