Pareto Efficient Solutions of Attack-Defence Trees

Zaruhi Aslanyan, Flemming Nielson

Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review

Abstract

Attack-defence trees are a promising approach for representing threat scenarios and possible countermeasures in a concise and intuitive manner. An attack-defence tree describes the interaction between an attacker and a defender, and is evaluated by assigning parameters to the nodes, such as probability or cost of attacks and defences. In case of multiple parameters most analytical methods optimise one parameter at a time, e.g., minimise cost or maximise probability of an attack. Such methods may lead to sub-optimal solutions when optimising conflicting parameters, e.g., minimising cost while maximising probability.

In order to tackle this challenge, we devise automated techniques that optimise all parameters at once. Moreover, in the case of conflicting parameters our techniques compute the set of all optimal solutions, defined in terms of Pareto efficiency. The developments are carried out on a new and general formalism for attack-defence trees.
Original languageEnglish
Title of host publicationPrinciples of Security and Trust : Proceedings of the 4th International Conference, POST 2015
EditorsRiccardo Focardi, Andrew Myers
PublisherSpringer
Publication date2015
Pages95-114
ISBN (Print)978-3-662-46665-0
ISBN (Electronic)978-3-662-46666-7
DOIs
Publication statusPublished - 2015
Event4th International Conference on Principles of Security and Trust - London, United Kingdom
Duration: 11 Apr 201518 Apr 2015
Conference number: 4
http://www.etaps.org/index.php/2015/post

Conference

Conference4th International Conference on Principles of Security and Trust
Number4
CountryUnited Kingdom
CityLondon
Period11/04/201518/04/2015
OtherHeld as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2015
Internet address
SeriesLecture Notes in Computer Science
Volume9036
ISSN0302-9743

Keywords

  • Attack-defence trees
  • attack trees
  • countermeasures
  • security assessment
  • Pareto efficiency
  • multiple criteria

Cite this

Aslanyan, Z., & Nielson, F. (2015). Pareto Efficient Solutions of Attack-Defence Trees. In R. Focardi, & A. Myers (Eds.), Principles of Security and Trust: Proceedings of the 4th International Conference, POST 2015 (pp. 95-114). Springer. Lecture Notes in Computer Science, Vol.. 9036 https://doi.org/10.1007/978-3-662-46666-7_6