Synthesis and Optimal Observability for Attack Trees

Research output: Book/Report, Ph.D. thesis

Abstract

This thesis investigates the automatic synthesis of attack trees and the application of countermeasures through observability manipulation to enhance a system’s security. Traditionally, security experts manually design attack trees and countermeasures, a tedious process prone to errors.
To address this, the research in the thesis examines challenges in automatic attack tree generation, identifies a lack of comprehensive methods in the field, and proposes solutions through a published survey. The survey highlighted limitations such as scalability, high prerequisites, and static results while proposing dynamic approaches using system logs.
Building on this, the thesis explores how process mining techniques can be applied to logs to derive attack trees, as demonstrated in "Attack Tree Generation via Process Mining", where results showed the potential for creating initial attack trees, with outcomes affected by log quality and attacker behavior.
The thesis further investigates countermeasures by controlling an attacker’s observability, modeled through Partially Observable Markov Decision Processes (POMDPs). Two papers addressed this: the first formalized the Optimal Observability Problem (OOP) and proposed algorithms to adjust observability within a budget, while the second focused on lattice POMDPs, a subclass of POMDPs representing attack trees with AND/OR operators and hidden states, to compute optimal strategies and accurate bounds for rewards and costs.
These contributions lay the groundwork for future research, including dynamic defenses, improved methods for handling more complex attack tree operators, and exploring general reward structures. Overall, this thesis provides a comprehensive framework for automating security analysis and countermeasure design, offering practical tools and insights to advance the field.

Original language: English
Publisher: Technical University of Denmark
Number of pages: 160
Publication status: Published - 2025
