Streamlining Attack Tree Generation: A Fragment-Based Approach
| Autor: | Pekaric, Irdin, Frick, Markus, Adigun, Jubril Gbolahan, Groner, Raffaela, Witte, Thomas, Raschke, Alexander, Felderer, Michael, Tichy, Matthias |
|---|---|
| Rok vydání: | 2023 |
| Předmět: | |
| Druh dokumentu: | Working Paper |
| Popis: | Attack graphs are a tool for analyzing security vulnerabilities that capture different and prospective attacks on a system. As a threat modeling tool, it shows possible paths that an attacker can exploit to achieve a particular goal. However, due to the large number of vulnerabilities that are published on a daily basis, they have the potential to rapidly expand in size. Consequently, this necessitates a significant amount of resources to generate attack graphs. In addition, generating composited attack models for complex systems such as self-adaptive or AI is very difficult due to their nature to continuously change. In this paper, we present a novel fragment-based attack graph generation approach that utilizes information from publicly available information security databases. Furthermore, we also propose a domain-specific language for attack modeling, which we employ in the proposed attack graph generation approach. Finally, we present a demonstrator example showcasing the attack generator's capability to replicate a verified attack chain, as previously confirmed by security experts. Comment: To appear at the 57th Hawaii International Conference on Social Systems (HICSS-57), Honolulu, Hawaii. 2024 |
| Databáze: | arXiv |
| Externí odkaz: |
|