Abstract

Numerous analysis methods for quantitative attack tree analysis have been proposed. These algorithms compute relevant security metrics, i.e. performance indicators that quantify how good the security of a system is; typical metrics being the most likely attack, the cheapest, or the most damaging one. However, existing methods are only geared towards specific metrics or do not work on general attack trees. This paper classifies attack trees in two dimensions: proper trees vs. directed acyclic graphs (i.e. with shared subtrees); and static vs. dynamic gates. For three out of these four classes, we propose novel algorithms that work over a generic attribute domain, encompassing a large number of concrete security metrics defined on the attack tree semantics; dynamic attack trees with directed acyclic graph structure are left as an open problem. We also analyse the computational complexity of our methods.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Efficient Algorithms for Quantitative Attack Tree Analysis
Carlos E Budde ... Mariëlle Stoelinga
-
Carlos E Budde, et. al.Carlos E Budde ... Mariëlle Stoelinga
01 Jun 2021
Truth or dare : quantitative security risk analysis via attack trees
Rajesh Kumar
-
Rajesh KumarRajesh Kumar
15 Oct 2018
A systematic evaluation of cybersecurity metrics for dynamic networks
Simon Yusuf Enoch ... Dong Seong Kim
Computer Networks | VOL. 144
Simon Yusuf Enoch, et. al.Simon Yusuf Enoch ... Dong Seong Kim
31 Jul 2018
Evaluating the Effectiveness of Security Metrics for Dynamic Networks
Simon Enoch Yusuf ... Mengmeng Ge
-
Simon Enoch Yusuf, et. al.Simon Enoch Yusuf ... Mengmeng Ge
01 Aug 2017
View more papers

More From: IEEE Transactions on Dependable and Secure Computing

Paper Title
Journal
Date
Author
Secure Data Integrity Check Based on Verified Public Key Encryption With Equality Test for Multi-Cloud Storage
Wenchao Li ... Wily Susilo
IEEE Transactions on Dependable and Secure Computing | VOL. 21
Wenchao Li, et. al.Wenchao Li ... Wily Susilo
01 Nov 2024
Decentralized Multi-Client Functional Encryption for Inner Product With Applications to Federated Learning
Xinyuan Qian ... Yuguang Fang
IEEE Transactions on Dependable and Secure Computing | VOL. 21
Xinyuan Qian, et. al.Xinyuan Qian ... Yuguang Fang
01 Nov 2024
Improving Prefix Hijacking Defense of RPKI From an Evolutionary Game Perspective
Man Zeng ... Pei Zhang
IEEE Transactions on Dependable and Secure Computing | VOL. 21
Man Zeng, et. al.Man Zeng ... Pei Zhang
01 Nov 2024
A Secure Two-Factor Authentication Key Exchange Scheme
Yunxia Han ... Chunxiang Xu
IEEE Transactions on Dependable and Secure Computing | VOL. 21
Yunxia Han, et. al.Yunxia Han ... Chunxiang Xu
01 Nov 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.