Automated Generation of Attack Trees

Roberto Vigo; Flemming Nielson; Hanne Riis Nielson

doi:10.1109/CSF.2014.31

Automated Generation of Attack Trees

Roberto Vigo, Flemming Nielson, Hanne Riis Nielson

Department of Applied Mathematics and Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

Abstract

Attack trees are widely used to represent threat scenarios in a succinct and intuitive manner, suitable for conveying security information to non-experts. The manual construction of such objects relies on the creativity and experience of specialists, and therefore it is error-prone and impracticable for large systems. Nonetheless, the automated generation of attack trees has only been explored in connection to computer networks and levering rich models, whose analysis typically leads to an exponential blow-up of the state space. We propose a static analysis approach where attack trees are automatically inferred from a process algebraic specification in a syntax-directed fashion, encompassing a great many application domains and avoiding incurring systematically an exponential explosion. Moreover, we show how the standard propositional denotation of an attack tree can be used to phrase interesting quantitative problems, that can be solved through an encoding into Satisfiability Modulo Theories. The flexibility and effectiveness of the approach is demonstrated on the study of a national-scale authentication system, whose attack tree is computed thanks to a Java implementation of the framework.

Original language	English
Title of host publication	Proceedings of the IEEE 27th Computer Security Foundations Symposium, CSF 2014
Publisher	IEEE
Publication date	2014
Pages	337-350
ISBN (Print)	978-1-4799-4290-9
DOIs	https://doi.org/10.1109/CSF.2014.31
Publication status	Published - 2014
Event	2014 IEEE 27th Computer Security Foundations Symposium - Vienna, Austria Duration: 19 Jul 2014 → 22 Jul 2014 Conference number: 27

Conference

Conference	2014 IEEE 27th Computer Security Foundations Symposium
Number	27
Country/Territory	Austria
City	Vienna
Period	19/07/2014 → 22/07/2014

Keywords

Computing and Processing
Attack tree generation
Attack trees
Calculus
Cryptography
Input variables
Mobile communication
Quality Calculus
Satisfiability Modulo Theory
Semantics
Syntactics

Access to Document

10.1109/CSF.2014.31

OpenUrl availability

Full text

Cite this

@inproceedings{10e3640ce1364ebebaa493844b9f6527,

title = "Automated Generation of Attack Trees",

abstract = "Attack trees are widely used to represent threat scenarios in a succinct and intuitive manner, suitable for conveying security information to non-experts. The manual construction of such objects relies on the creativity and experience of specialists, and therefore it is error-prone and impracticable for large systems. Nonetheless, the automated generation of attack trees has only been explored in connection to computer networks and levering rich models, whose analysis typically leads to an exponential blow-up of the state space. We propose a static analysis approach where attack trees are automatically inferred from a process algebraic specification in a syntax-directed fashion, encompassing a great many application domains and avoiding incurring systematically an exponential explosion. Moreover, we show how the standard propositional denotation of an attack tree can be used to phrase interesting quantitative problems, that can be solved through an encoding into Satisfiability Modulo Theories. The flexibility and effectiveness of the approach is demonstrated on the study of a national-scale authentication system, whose attack tree is computed thanks to a Java implementation of the framework.",

keywords = "Computing and Processing, Attack tree generation, Attack trees, Calculus, Cryptography, Input variables, Mobile communication, Quality Calculus, Satisfiability Modulo Theory, Semantics, Syntactics",

author = "Roberto Vigo and Flemming Nielson and Nielson, {Hanne Riis}",

year = "2014",

doi = "10.1109/CSF.2014.31",

language = "English",

isbn = "978-1-4799-4290-9",

pages = "337--350",

booktitle = "Proceedings of the IEEE 27th Computer Security Foundations Symposium, CSF 2014",

publisher = "IEEE",

address = "United States",

note = "2014 IEEE 27th Computer Security Foundations Symposium, CSF 2014 ; Conference date: 19-07-2014 Through 22-07-2014",

}

TY - GEN

T1 - Automated Generation of Attack Trees

AU - Vigo, Roberto

AU - Nielson, Flemming

AU - Nielson, Hanne Riis

N1 - Conference code: 27

PY - 2014

Y1 - 2014

N2 - Attack trees are widely used to represent threat scenarios in a succinct and intuitive manner, suitable for conveying security information to non-experts. The manual construction of such objects relies on the creativity and experience of specialists, and therefore it is error-prone and impracticable for large systems. Nonetheless, the automated generation of attack trees has only been explored in connection to computer networks and levering rich models, whose analysis typically leads to an exponential blow-up of the state space. We propose a static analysis approach where attack trees are automatically inferred from a process algebraic specification in a syntax-directed fashion, encompassing a great many application domains and avoiding incurring systematically an exponential explosion. Moreover, we show how the standard propositional denotation of an attack tree can be used to phrase interesting quantitative problems, that can be solved through an encoding into Satisfiability Modulo Theories. The flexibility and effectiveness of the approach is demonstrated on the study of a national-scale authentication system, whose attack tree is computed thanks to a Java implementation of the framework.

AB - Attack trees are widely used to represent threat scenarios in a succinct and intuitive manner, suitable for conveying security information to non-experts. The manual construction of such objects relies on the creativity and experience of specialists, and therefore it is error-prone and impracticable for large systems. Nonetheless, the automated generation of attack trees has only been explored in connection to computer networks and levering rich models, whose analysis typically leads to an exponential blow-up of the state space. We propose a static analysis approach where attack trees are automatically inferred from a process algebraic specification in a syntax-directed fashion, encompassing a great many application domains and avoiding incurring systematically an exponential explosion. Moreover, we show how the standard propositional denotation of an attack tree can be used to phrase interesting quantitative problems, that can be solved through an encoding into Satisfiability Modulo Theories. The flexibility and effectiveness of the approach is demonstrated on the study of a national-scale authentication system, whose attack tree is computed thanks to a Java implementation of the framework.

KW - Computing and Processing

KW - Attack tree generation

KW - Attack trees

KW - Calculus

KW - Cryptography

KW - Input variables

KW - Mobile communication

KW - Quality Calculus

KW - Satisfiability Modulo Theory

KW - Semantics

KW - Syntactics

U2 - 10.1109/CSF.2014.31

DO - 10.1109/CSF.2014.31

M3 - Article in proceedings

SN - 978-1-4799-4290-9

SP - 337

EP - 350

BT - Proceedings of the IEEE 27th Computer Security Foundations Symposium, CSF 2014

PB - IEEE

T2 - 2014 IEEE 27th Computer Security Foundations Symposium

Y2 - 19 July 2014 through 22 July 2014

ER -

Automated Generation of Attack Trees

Abstract

Conference

Keywords

Access to Document

OpenUrl availability

Fingerprint

Cite this