Automated Generation of Attack Trees

2014 IEEE 27th Computer Security Foundations Symposium Pub Date : 2014-07-19 DOI:10.1109/CSF.2014.31

R. Vigo, F. Nielson, H. R. Nielson

{"title":"Automated Generation of Attack Trees","authors":"R. Vigo, F. Nielson, H. R. Nielson","doi":"10.1109/CSF.2014.31","DOIUrl":null,"url":null,"abstract":"Attack trees are widely used to represent threat scenarios in a succinct and intuitive manner, suitable for conveying security information to non-experts. The manual construction of such objects relies on the creativity and experience of specialists, and therefore it is error-prone and impracticable for large systems. Nonetheless, the automated generation of attack trees has only been explored in connection to computer networks and levering rich models, whose analysis typically leads to an exponential blow-up of the state space. We propose a static analysis approach where attack trees are automatically inferred from a process algebraic specification in a syntax-directed fashion, encompassing a great many application domains and avoiding incurring systematically an exponential explosion. Moreover, we show how the standard propositional denotation of an attack tree can be used to phrase interesting quantitative problems, that can be solved through an encoding into Satisfiability Modulo Theories. The flexibility and effectiveness of the approach is demonstrated on the study of a national-scale authentication system, whose attack tree is computed thanks to a Java implementation of the framework.","PeriodicalId":285965,"journal":{"name":"2014 IEEE 27th Computer Security Foundations Symposium","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2014-07-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"76","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 IEEE 27th Computer Security Foundations Symposium","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSF.2014.31","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 76

Abstract

Attack trees are widely used to represent threat scenarios in a succinct and intuitive manner, suitable for conveying security information to non-experts. The manual construction of such objects relies on the creativity and experience of specialists, and therefore it is error-prone and impracticable for large systems. Nonetheless, the automated generation of attack trees has only been explored in connection to computer networks and levering rich models, whose analysis typically leads to an exponential blow-up of the state space. We propose a static analysis approach where attack trees are automatically inferred from a process algebraic specification in a syntax-directed fashion, encompassing a great many application domains and avoiding incurring systematically an exponential explosion. Moreover, we show how the standard propositional denotation of an attack tree can be used to phrase interesting quantitative problems, that can be solved through an encoding into Satisfiability Modulo Theories. The flexibility and effectiveness of the approach is demonstrated on the study of a national-scale authentication system, whose attack tree is computed thanks to a Java implementation of the framework.

查看原文本刊更多论文

自动生成攻击树

攻击树被广泛使用，以简洁直观的方式表示威胁场景，适合向非专家传达安全信息。这些对象的手工构建依赖于专家的创造力和经验，因此对于大型系统来说容易出错且不切实际。尽管如此，攻击树的自动生成只在与计算机网络和利用丰富模型的连接中进行了探索，这些模型的分析通常会导致状态空间的指数级爆炸。我们提出了一种静态分析方法，其中攻击树以语法导向的方式从过程代数规范中自动推断出来，涵盖了许多应用领域，避免了系统的指数爆炸。此外，我们还展示了如何使用攻击树的标准命题表示来表达有趣的定量问题，这些问题可以通过编码到可满足模理论中来解决。通过对一个国家规模的认证系统的研究，证明了该方法的灵活性和有效性，并通过Java实现了该框架的攻击树计算。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2014 IEEE 27th Computer Security Foundations Symposium

自引率

0.00%

发文量