English
Related papers

Related papers: Quantitative Questions on Attack-Defense Trees

200 papers

Numerous analysis methods for quantitative attack tree analysis have been proposed. These algorithms compute relevant security metrics, i.e. performance indicators that quantify how good the security of a system is, such as the most likely…

Cryptography and Security · Computer Science 2022-09-29 Carlos E. Budde , Mariëlle Stoelinga

Attack trees are considered a useful tool for security modelling because they support qualitative as well as quantitative analysis. The quantitative approach is based on values associated to each node in the tree, expressing, for instance,…

Cryptography and Security · Computer Science 2019-01-11 Ahto Buldas , Olga Gadyatskaya , Aleksandr Lenin , Sjouke Mauw , Rolando Trujillo-Rasua

Numerous analysis methods for quantitative attack tree analysis have been proposed. These algorithms compute relevant security metrics, i.e. performance indicators that quantify how good the security of a system is; typical metrics being…

Cryptography and Security · Computer Science 2022-12-13 Milan Lopuhaä-Zwakenberg , Carlos E. Budde , Mariëlle Stoelinga

Attack trees are a popular way to represent and evaluate potential security threats on systems or infrastructures. The goal of this work is to provide a framework allowing to express and check whether an attack tree is consistent with the…

Cryptography and Security · Computer Science 2018-02-12 Maxime Audinot , Sophie Pinchinat , Barbara Kordy

Ranking risks and countermeasures is one of the foremost goals of quantitative security analysis. One of the popular frameworks, used also in industrial practice, for this task are attack-defense trees. Standard quantitative analyses…

Cryptography and Security · Computer Science 2024-09-19 Florian Dorfhuber , Julia Eisentraut , Katharina Klioba , Jan Kretinsky

Context and Motivation Attack-Defense Trees (ADTs) are a graphical notation used to model and assess security requirements. ADTs are widely popular, as they can facilitate communication between different stakeholders involved in system…

Software Engineering · Computer Science 2024-04-10 Giovanna Broccia , Maurice H. ter Beek , Alberto Lluch Lafuente , Paola Spoletini , Alessio Ferrari

Domain-specific quantitative modeling and analysis approaches are fundamental in scenarios in which qualitative approaches are inappropriate or unfeasible. In this paper, we present a tool-supported approach to quantitative graph-based…

Cryptography and Security · Computer Science 2021-01-22 Maurice H. ter Beek , Axel Legay , Alberto Lluch Lafuente , Andrea Vandin

Graphical security models constitute a well-known, user-friendly way to represent the security of a system. These kinds of models are used by security experts to identify vulnerabilities and assess the security of a system. The manual…

Cryptography and Security · Computer Science 2023-09-26 Alyzia-Maria Konsta , Beatrice Spiga , Alberto Lluch Lafuente , Nicola Dragoni

Effective risk management in cybersecurity requires a thorough understanding of the interplay between attacker capabilities and defense strategies. Attack-Defense Trees (ADTs) are a commonly used methodology for representing this interplay;…

Cryptography and Security · Computer Science 2025-04-18 Danut-Valentin Copae , Reza Soltani , Milan Lopuhaä-Zwakenberg

Attack Trees are a graphical model of security used to study threat scenarios. While visually appealing and supported by solid theories and effective tools, one of their main drawbacks remains the amount of effort required by security…

Cryptography and Security · Computer Science 2024-09-13 Alyzia-Maria Konsta , Gemma Di Federico , Alberto Lluch Lafuente , Andrea Burattin

Critical infrastructure systems - for which high reliability and availability are paramount - must operate securely. Attack trees (ATs) are hierarchical diagrams that offer a flexible modelling language used to assess how systems can be…

Cryptography and Security · Computer Science 2024-05-20 Stefano M. Nicoletti , Milan Lopuhaä-Zwakenberg , E. Moritz Hahn , Mariëlle Stoelinga

Attack-defense trees (ADTs) are a prominent graphical threat modeling method that is highly recommended for analyzing and communicating security-related information. Despite this, existing empirical studies of attack trees have established…

Cryptography and Security · Computer Science 2025-04-01 Nathan Daniel Schiele , Olga Gadyatskaya

Attack graphs are a tool for analyzing security vulnerabilities that capture different and prospective attacks on a system. As a threat modeling tool, it shows possible paths that an attacker can exploit to achieve a particular goal.…

Attack trees and attack graphs are both common graphical threat models used by organizations to better understand possible cybersecurity threats. These models have been primarily seen as separate entities, to be used and researched in…

Cryptography and Security · Computer Science 2021-10-07 Nathan Daniel Schiele , Olga Gadyatskaya

In the design of software and cyber-physical systems, security is often perceived as a qualitative need, but can only be attained quantitatively. Especially when distributed components are involved, it is hard to predict and confront all…

Cryptography and Security · Computer Science 2018-03-30 Roberto Vigo , Flemming Nielson , Hanne Riis Nielson

Attack-Defence Trees (ADTs) are well-suited to assess possible attacks to systems and the efficiency of counter-measures. In this paper, we first enrich the available constructs with reactive patterns that cover further security scenarios,…

Cryptography and Security · Computer Science 2019-10-24 Jaime Arias , Carlos E. Budde , Wojciech Penczek , Laure Petrucci , Mariëlle Stoelinga

Joint safety and security analysis of cyber-physical systems is a necessary step to correctly capture inter-dependencies between these properties. Attack-Fault Trees represent a combination of dynamic Fault Trees and Attack Trees and can be…

Cryptography and Security · Computer Science 2023-09-19 Raffaela Groner , Thomas Witte , Alexander Raschke , Sophie Hirn , Irdin Pekaric , Markus Frick , Matthias Tichy , Michael Felderer

Recently security researchers have started to look into automated generation of attack trees from socio-technical system models. The obvious next step in this trend of automated risk analysis is automating the selection of security controls…

Cryptography and Security · Computer Science 2015-09-03 Olga Gadyatskaya

Risk assessment of cyber-physical systems, such as power plants, connected devices and IT-infrastructures has always been challenging: safety (i.e. absence of unintentional failures) and security (i.e. no disruptions due to attackers) are…

Cryptography and Security · Computer Science 2019-05-10 Étienne André , Didier Lime , Mathias Ramparison , Mariëlle Stoelinga

We present a mathematical setting for attack-defense trees, a classic graphical model to specify attacks and countermeasures. We equip attack-defense trees with (trace) language semantics allowing to have an original dynamic interpretation…

Formal Languages and Automata Theory · Computer Science 2023-12-04 Thomas Brihaye , Sophie Pinchinat , Alexandre Terefenko
‹ Prev 1 2 3 10 Next ›