Transforming Graphical System Models to Graphical Attack Models

Marieta Georgieva Ivanova, Christian W. Probst, Rene Rydhof Hansen, Florian Kammüller

Research output: Chapter in Book/Report/Conference proceedingArticle in proceedingsResearchpeer-review

276 Downloads (Pure)

Abstract

Manually identifying possible attacks on an organisation is a complex undertaking; many different factors must be considered, and the resulting attack scenarios can be complex and hard to maintain as the organisation changes. System models provide a systematic representation of organisations that helps in structuring attack identification and can integrate physical, virtual, and social components. These models form a solid basis for guiding the manual identification of attack scenarios. Their main benefit, however, is in the analytic generation of attacks. In this work we present a systematic approach to transforming graphical system models to graphical attack models in the form of attack trees. Based on an asset in the model, our transformations result in an attack tree that represents attacks by all possible actors in the model, after which the actor in question has obtained the asset.
Original languageEnglish
Title of host publicationRevised Selected Papers from the 2nd International Workshop on Graphical Models for Security (GraMSec 2015)
PublisherSpringer
Publication date2016
Pages82-96
ISBN (Print)978-3-319-29967-9
ISBN (Electronic)978-3-319-29968-6
DOIs
Publication statusPublished - 2016
EventThe Second International Workshop on Graphical Models for Security - Verona, Italy
Duration: 13 Jul 201513 Jul 2015

Conference

ConferenceThe Second International Workshop on Graphical Models for Security
CountryItaly
CityVerona
Period13/07/201513/07/2015
SeriesLecture Notes in Computer Science
Volume9390
ISSN0302-9743

Cite this

Ivanova, M. G., Probst, C. W., Hansen, R. R., & Kammüller, F. (2016). Transforming Graphical System Models to Graphical Attack Models. In Revised Selected Papers from the 2nd International Workshop on Graphical Models for Security (GraMSec 2015) (pp. 82-96). Springer. Lecture Notes in Computer Science, Vol.. 9390 https://doi.org/10.1007/978-3-319-29968-6_6