Attack Countermeasure Trees: A Non-state-space Approach Towards Analyzing Security and Finding Optimal Countermeasure Set

Loading...
Thumbnail Image

Date

2010

Journal Title

Journal ISSN

Volume Title

Repository Usage Stats

652
views
5514
downloads

Abstract

Attack tree (AT) is one of the widely used non-statespace

models in security analysis. The basic formalism of AT

does not take into account defense mechanisms. Defense trees

(DTs) have been developed to investigate the effect of defense

mechanisms usinghg measures such as attack cost, security

investment cost, return on attack (ROA) and return on investment

(ROI). DT, however, places defense mechanisms only at the

leaf nodes and the corresponding ROI/ROA analysis does not

incorporate the probabilities of attack. In attack response tree

(ART), attack and response are both captured but ART suffers

from the problem of state-space explosion, since solution of

ART is obtained by means of a state space model. In this

paper, we present a novel attack tree paradigm called attack

countermeasure tree (ACT) which avoids the generation and

solution of the state-space model and takes into account attacks as

well as countermeasures (in the form of detection and mitigation

events). In ACT, detection and mitigation are allowed not just at

the leaf node but also at the intermediate nodes while at the same

time the state-space explosion problem is avoided in its analysis.

We use single and multiobjective optimization to find optimal

countermeasures under different constraints. We illustrate the

features of ACT using several case studies.

Description

Provenance

Citation

Citation

Roy, Arpan (2010). Attack Countermeasure Trees: A Non-state-space Approach Towards Analyzing Security and Finding Optimal Countermeasure Set. Master's thesis, Duke University. Retrieved from https://hdl.handle.net/10161/3148.

Collections


Except where otherwise noted, student scholarship that was shared on DukeSpace after 2009 is made available to the public under a Creative Commons Attribution / Non-commercial / No derivatives (CC-BY-NC-ND) license. All rights in student work shared on DukeSpace before 2009 remain with the author and/or their designee, whose permission may be required for reuse.