English

Streamlining Attack Tree Generation: A Fragment-Based Approach

Cryptography and Security 2023-10-03 v1 Information Retrieval

Abstract

Attack graphs are a tool for analyzing security vulnerabilities that capture different and prospective attacks on a system. As a threat modeling tool, it shows possible paths that an attacker can exploit to achieve a particular goal. However, due to the large number of vulnerabilities that are published on a daily basis, they have the potential to rapidly expand in size. Consequently, this necessitates a significant amount of resources to generate attack graphs. In addition, generating composited attack models for complex systems such as self-adaptive or AI is very difficult due to their nature to continuously change. In this paper, we present a novel fragment-based attack graph generation approach that utilizes information from publicly available information security databases. Furthermore, we also propose a domain-specific language for attack modeling, which we employ in the proposed attack graph generation approach. Finally, we present a demonstrator example showcasing the attack generator's capability to replicate a verified attack chain, as previously confirmed by security experts.

Keywords

Cite

@article{arxiv.2310.00654,
  title  = {Streamlining Attack Tree Generation: A Fragment-Based Approach},
  author = {Irdin Pekaric and Markus Frick and Jubril Gbolahan Adigun and Raffaela Groner and Thomas Witte and Alexander Raschke and Michael Felderer and Matthias Tichy},
  journal= {arXiv preprint arXiv:2310.00654},
  year   = {2023}
}

Comments

To appear at the 57th Hawaii International Conference on Social Systems (HICSS-57), Honolulu, Hawaii. 2024

R2 v1 2026-06-28T12:37:31.308Z