English
Related papers

Related papers: ATM: a Logic for Quantitative Security Properties …

200 papers

Attack Trees (ATs) are a widely used tool for security analysis. ATs can be employed in quantitative security analysis through metrics, which assign a security value to an AT. Many different AT metrics exist, and there exist multiple…

Cryptography and Security · Computer Science 2024-01-19 Milan Lopuhaä-Zwakenberg

Risk assessment of cyber-physical systems, such as power plants, connected devices and IT-infrastructures has always been challenging: safety (i.e. absence of unintentional failures) and security (i.e. no disruptions due to attackers) are…

Cryptography and Security · Computer Science 2019-05-10 Étienne André , Didier Lime , Mathias Ramparison , Mariëlle Stoelinga

Attack-Defence Trees (ADTs) are well-suited to assess possible attacks to systems and the efficiency of counter-measures. In this paper, we first enrich the available constructs with reactive patterns that cover further security scenarios,…

Cryptography and Security · Computer Science 2019-10-24 Jaime Arias , Carlos E. Budde , Wojciech Penczek , Laure Petrucci , Mariëlle Stoelinga

Numerous analysis methods for quantitative attack tree analysis have been proposed. These algorithms compute relevant security metrics, i.e. performance indicators that quantify how good the security of a system is, such as the most likely…

Cryptography and Security · Computer Science 2022-09-29 Carlos E. Budde , Mariëlle Stoelinga

Context and Motivation Attack-Defense Trees (ADTs) are a graphical notation used to model and assess security requirements. ADTs are widely popular, as they can facilitate communication between different stakeholders involved in system…

Software Engineering · Computer Science 2024-04-10 Giovanna Broccia , Maurice H. ter Beek , Alberto Lluch Lafuente , Paola Spoletini , Alessio Ferrari

Attack trees (ATs) are popular graphical models for reasoning about the security of complex systems, allowing for the quantification of risk through so-called AT metrics. A large variety of different such AT metrics have been proposed, and…

Cryptography and Security · Computer Science 2025-11-19 Benedikt Peterseim , Milan Lopuhaä-Zwakenberg

Effective risk management in cybersecurity requires a thorough understanding of the interplay between attacker capabilities and defense strategies. Attack-Defense Trees (ADTs) are a commonly used methodology for representing this interplay;…

Cryptography and Security · Computer Science 2025-04-18 Danut-Valentin Copae , Reza Soltani , Milan Lopuhaä-Zwakenberg

Numerous analysis methods for quantitative attack tree analysis have been proposed. These algorithms compute relevant security metrics, i.e. performance indicators that quantify how good the security of a system is; typical metrics being…

Cryptography and Security · Computer Science 2022-12-13 Milan Lopuhaä-Zwakenberg , Carlos E. Budde , Mariëlle Stoelinga

Attack trees (ATs) are a widely deployed modelling technique to categorize potential attacks on a system. An attacker of such a system aims at doing as much damage as possible, but might be limited by a cost budget. The maximum possible…

Cryptography and Security · Computer Science 2023-04-13 Milan Lopuhaä-Zwakenberg , Mariëlle Stoelinga

Attack-defense trees are a novel methodology for graphical security modeling and assessment. The methodology includes visual, intuitive tree models whose analysis is supported by a rigorous mathematical formalism. Both, the intuitive and…

Cryptography and Security · Computer Science 2012-10-31 Barbara Kordy , Sjouke Mauw , Patrick Schweitzer

We provide an overview of three different query languages whose objective is to specify properties on the highly popular formalisms of fault trees (FTs) and attack trees (ATs). These are BFL, a Boolean Logic for FTs, PFL, a probabilistic…

Logic in Computer Science · Computer Science 2024-01-30 Stefano M. Nicoletti , Milan Lopuhaä-Zwakenberg , E. Moritz Hahn , Mariëlle Stoelinga

Attack trees are considered a useful tool for security modelling because they support qualitative as well as quantitative analysis. The quantitative approach is based on values associated to each node in the tree, expressing, for instance,…

Cryptography and Security · Computer Science 2019-01-11 Ahto Buldas , Olga Gadyatskaya , Aleksandr Lenin , Sjouke Mauw , Rolando Trujillo-Rasua

Security risk management can be applied on well-defined or existing systems; in this case, the objective is to identify existing vulnerabilities, assess the risks and provide for the adequate countermeasures. Security risk management can…

Cryptography and Security · Computer Science 2014-04-09 Stéphane Paul

Joint safety and security analysis of cyber-physical systems is a necessary step to correctly capture inter-dependencies between these properties. Attack-Fault Trees represent a combination of dynamic Fault Trees and Attack Trees and can be…

Cryptography and Security · Computer Science 2023-09-19 Raffaela Groner , Thomas Witte , Alexander Raschke , Sophie Hirn , Irdin Pekaric , Markus Frick , Matthias Tichy , Michael Felderer

Adequate risk assessment of safety critical systems needs to take both safety and security into account, as well as their interaction. A prominent methodology for modeling safety and security are attack-fault trees (AFTs), which combine the…

Cryptography and Security · Computer Science 2024-08-14 Milan Lopuhaä-Zwakenberg

Attack trees are a popular way to represent and evaluate potential security threats on systems or infrastructures. The goal of this work is to provide a framework allowing to express and check whether an attack tree is consistent with the…

Cryptography and Security · Computer Science 2018-02-12 Maxime Audinot , Sophie Pinchinat , Barbara Kordy

Ranking risks and countermeasures is one of the foremost goals of quantitative security analysis. One of the popular frameworks, used also in industrial practice, for this task are attack-defense trees. Standard quantitative analyses…

Cryptography and Security · Computer Science 2024-09-19 Florian Dorfhuber , Julia Eisentraut , Katharina Klioba , Jan Kretinsky

Attack-defense trees (ADTs) are a prominent graphical threat modeling method that is highly recommended for analyzing and communicating security-related information. Despite this, existing empirical studies of attack trees have established…

Cryptography and Security · Computer Science 2025-04-01 Nathan Daniel Schiele , Olga Gadyatskaya

The landscape of cyber threats grows more complex by the day. Advanced Persistent Threats carry out attack campaigns - e.g. operations Dream Job, Wocao, and WannaCry - against which cybersecurity practitioners must defend. To prioritise…

Cryptography and Security · Computer Science 2026-01-23 Stefano M. Nicoletti , Milan Lopuhaä-Zwakenberg , Mariëlle Stoelinga , Fabio Massacci , Carlos E. Budde

Advanced Persistent Threats (APTs) pose a significant security risk to organizations and industries. These attacks often lead to severe data breaches and compromise the system for a long time. Mitigating these sophisticated attacks is…

Cryptography and Security · Computer Science 2025-08-04 Ehsan Hallaji , Roozbeh Razavi-Far , Mehrdad Saif
‹ Prev 1 2 3 10 Next ›