Efficient and Generic Algorithms for Quantitative Attack Tree Analysis
Author: | Milan Lopuhaa-Zwakenberg, Carlos E. Budde, Marielle Stoelinga |
---|---|
Contributors: | Formal Methods and Tools, Digital Society Institute |
Language: | English |
Year of publication: | 2022 |
Subject: | FOS: Computer and information sciences; Attack trees; Computer Science - Cryptography and Security; computational complexity; formal methods; G.2.3; BDD algorithms; security metrics; 2023 OA procedure; Computer Science - Data Structures and Algorithms; Data Structures and Algorithms (cs.DS); F.2.2; Electrical and Electronic Engineering; F.1.0; Cryptography and Security (cs.CR) |
Source: | IEEE transactions on dependable and secure computing. IEEE |
ISSN: | 1545-5971 |
Description: | Numerous analysis methods for quantitative attack tree analysis have been proposed. These algorithms compute relevant security metrics, i.e. performance indicators that quantify how good the security of a system is; typical metrics being the most likely attack, the cheapest, or the most damaging one. However, existing methods are only geared towards specific metrics or do not work on general attack trees. This paper classifies attack trees in two dimensions: proper trees vs. directed acyclic graphs (i.e. with shared subtrees); and static vs. dynamic gates. For three out of these four classes, we propose novel algorithms that work over a generic attribute domain, encompassing a large number of concrete security metrics defined on the attack tree semantics; dynamic attack trees with directed acyclic graph structure are left as an open problem. We also analyse the computational complexity of our methods. Comment: Funding: ERC Consolidator (Grant Number: 864075), and European Union (Grant Number: 101067199-ProSVED), in IEEE Transactions on Dependable and Secure Computing, 2022. arXiv admin note: substantial text overlap with arXiv:2105.07511 |
Database: | OpenAIRE |