TY - GEN
T1 - Using attack-defense trees to analyze threats and countermeasures in an ATM: A case study
AU - Fraile, Marlon
AU - Ford, Margaret
AU - Gadyatskaya, Olga
AU - Kumar, Rajesh
AU - Stoelinga, Mariëlle Ida Antoinette
AU - Trujillo-Rasua, Rolando
N1 - Foreground = 100%;
Type of activity = conference;
Main leader = GMVS;
Type of audience = scientific community;
Size of audience = 25;
Countries addressed = international;
PY - 2016
Y1 - 2016
N2 - Securing automated teller machines (ATMs), as critical and complex infrastructure, requires a precise understanding of the associated threats. This paper reports on the application of attack-defense trees to model and analyze the security of ATMs.We capture the most dangerous multi-stage attack scenarios applicable to ATM structures, and establish a practical experience report, where we re ect on the process of modeling ATM threats via attack-defense trees. In particular, we share our insights into the benets and drawbacks of attack-defense tree modeling, as well as best practices and lessons learned.
AB - Securing automated teller machines (ATMs), as critical and complex infrastructure, requires a precise understanding of the associated threats. This paper reports on the application of attack-defense trees to model and analyze the security of ATMs.We capture the most dangerous multi-stage attack scenarios applicable to ATM structures, and establish a practical experience report, where we re ect on the process of modeling ATM threats via attack-defense trees. In particular, we share our insights into the benets and drawbacks of attack-defense tree modeling, as well as best practices and lessons learned.
KW - EWI-27289
KW - EC Grant Agreement nr.: FP7/2007-2013
KW - IR-101626
KW - METIS-318548
KW - EC Grant Agreement nr.: FP7/318003
U2 - 10.1007/978-3-319-48393-1_24
DO - 10.1007/978-3-319-48393-1_24
M3 - Conference contribution
SN - 978-3-319-48392-4
T3 - Lecture Notes in Business Information Processing
SP - 326
EP - 334
BT - 9th IFIP WG 8.1 Working Conference on The Practice of Enterprise Modeling (PoEM)
PB - Springer
CY - Berlin
ER -