Attack Countermeasure Trees: A Non-state-space Approach Towards Analyzing Security and Finding Optimal Countermeasure Set

Loading...
Thumbnail Image

Date

2010

Journal Title

Journal ISSN

Volume Title

Repository Usage Stats

645
views
5491
downloads

Abstract

Attack tree (AT) is one of the widely used non-statespace

models in security analysis. The basic formalism of AT

does not take into account defense mechanisms. Defense trees

(DTs) have been developed to investigate the effect of defense

mechanisms usinghg measures such as attack cost, security

investment cost, return on attack (ROA) and return on investment

(ROI). DT, however, places defense mechanisms only at the

leaf nodes and the corresponding ROI/ROA analysis does not

incorporate the probabilities of attack. In attack response tree

(ART), attack and response are both captured but ART suffers

from the problem of state-space explosion, since solution of

ART is obtained by means of a state space model. In this

paper, we present a novel attack tree paradigm called attack

countermeasure tree (ACT) which avoids the generation and

solution of the state-space model and takes into account attacks as

well as countermeasures (in the form of detection and mitigation

events). In ACT, detection and mitigation are allowed not just at

the leaf node but also at the intermediate nodes while at the same

time the state-space explosion problem is avoided in its analysis.

We use single and multiobjective optimization to find optimal

countermeasures under different constraints. We illustrate the

features of ACT using several case studies.

Type

Master's thesis

Department

Electrical and Computer Engineering

Description

Provenance

Citation

Citation

Roy, Arpan (2010). Attack Countermeasure Trees: A Non-state-space Approach Towards Analyzing Security and Finding Optimal Countermeasure Set. Master's thesis, Duke University. Retrieved from https://hdl.handle.net/10161/3148.

Collections


Dukes student scholarship is made available to the public using a Creative Commons Attribution / Non-commercial / No derivative (CC-BY-NC-ND) license.