Semi-automatically Augmenting Attack Trees Using an Annotated Attack Tree Library

  • Conference paper
Security and Trust Management (STM 2018)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 11091)

Abstract

We present a method for assisting the semi-automatic creation of attack trees. Our method makes it possible to explore a library of attack trees, select elements from this library that can be attached to an attack tree under construction, and determine how the attachment should be done. The process is supported by a predicate-based formal annotation of attack trees. To show the feasibility of our approach, we describe the process for automatically building a library of annotated attack trees from standard vulnerability descriptions in a publicly available online resource, using information extraction techniques. Then, we show how attack trees manually constructed from high-level definitions of attack patterns can be augmented by attaching trees from this library.

Notes

  1. https://nvd.nist.gov/General.

  2. https://capec.mitre.org/index.html.

  3. https://capec.mitre.org/data/definitions/263.html.

  4. http://cve.mitre.org/cve/.

  5. Available in https://nvd.nist.gov/vuln/data-feed. The data feeds are available in JSON and XML formats. For this case-study, we used the JSON releases.

  6. http://www.swi-prolog.org/.

  7. The code and resources developed for our implementation are available at https://github.com/yramirezc/lib-annotated-attack-trees.

  8. https://stanfordnlp.github.io/CoreNLP/history.html.

  9. https://github.com/yuce/pyswip.

  10. https://nvd.nist.gov/Products/CPE.

Acknowledgements

The research reported in this paper received funding from Luxembourg’s Fonds National de la Recherche (FNR), under grant C13/IS/5809105 (ADT2P).

Corresponding author

Correspondence to Yunior Ramírez-Cruz.

A List of Dependency Labels Used in Section 4

These are the relevant dependency labels used in Subsect. 4.1 for the extraction patterns that enable the automatic generation of guarantee predicates for the library trees:

  • dobj: main noun of the direct object complement.

  • xcomp: main verb of an open clausal complement. This is the relation between the main verb of the sentence (to allow in the cases processed here) and the main verb of a subordinate sentence serving as clausal complement (in this case, the subordinate sentence describing the action that is allowed).

  • amod: adjectival noun modifier. This is the relation between the main noun of a noun phrase and an adjective that qualifies it, e.g. remote and attacker or arbitrary and code.

  • compound: noun compound modifier. Similar to the previous one, but referred to a composition of nouns, one of which modifies the other, e.g. the relation between service and denial in the noun phrase service denial.

  • nmod:of: head of prepositional noun modifier introduced by the preposition of. Similar to the previous one, but referred to the composition of a noun and a prepositional phrase that modifies it, e.g. the relation between service and denial in the noun phrase denial of service.
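How these five labels can combine into one extraction pattern, as an added example that is not the authors' code: it walks constructed, lemmatised dependency edges for sentences of the form "... allows <actor> to <action> <object>" and emits a predicate-like string. The edge triples, the `action(actor, object)` output format and the choice to normalise compound and nmod:of modifiers to the same term are assumptions made for illustration; the actual patterns of Subsect. 4.1 are not reproduced on this page.

```python
# Constructed, lemmatised dependency edges (governor, label, dependent) for
# constructed vulnerability-description fragments; not taken from the paper.
SENT_A = [  # "... allows remote attackers to execute arbitrary code"
    ("allow", "dobj", "attacker"), ("attacker", "amod", "remote"),
    ("allow", "xcomp", "execute"), ("execute", "dobj", "code"),
    ("code", "amod", "arbitrary"),
]
SENT_B = [  # "... allows local users to cause a denial of service"
    ("allow", "dobj", "user"), ("user", "amod", "local"),
    ("allow", "xcomp", "cause"), ("cause", "dobj", "denial"),
    ("denial", "nmod:of", "service"),
]
SENT_C = [  # "... allows local users to cause a service denial"
    ("allow", "dobj", "user"), ("user", "amod", "local"),
    ("allow", "xcomp", "cause"), ("cause", "dobj", "denial"),
    ("denial", "compound", "service"),
]
SENT_D = [("allow", "dobj", "access")]  # no xcomp: the pattern must not fire

MODIFIERS = ("amod", "compound", "nmod:of")  # labels that qualify a noun

def children(edges, governor, label):
    """Dependents attached to `governor` through `label`."""
    return [dep for gov, lab, dep in edges if gov == governor and lab == label]

def phrase(edges, noun):
    """Join a noun with its modifiers, modifier first (hypothetical normal form)."""
    mods = [d for label in MODIFIERS for d in children(edges, noun, label)]
    return "_".join(mods + [noun])

def extract(edges, main_verb="allow"):
    """Return (actor, action, object), or None if the pattern does not match."""
    actors = children(edges, main_verb, "dobj")     # who is allowed
    actions = children(edges, main_verb, "xcomp")   # what they may do
    if not actors or not actions:
        return None
    objects = children(edges, actions[0], "dobj")   # what the action targets
    if not objects:
        return None
    return phrase(edges, actors[0]), actions[0], phrase(edges, objects[0])

def as_predicate(triple):
    """Render a triple in a hypothetical predicate syntax."""
    actor, action, obj = triple
    return f"{action}({actor}, {obj})"

if __name__ == "__main__":
    for sent in (SENT_A, SENT_B, SENT_C, SENT_D):
        triple = extract(sent)
        print(as_predicate(triple) if triple else "no match")
```
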

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Cite this paper

Jhawar, R., Lounis, K., Mauw, S., Ramírez-Cruz, Y. (2018). Semi-automatically Augmenting Attack Trees Using an Annotated Attack Tree Library. In: Katsikas, S., Alcaraz, C. (eds) Security and Trust Management. STM 2018. Lecture Notes in Computer Science, vol 11091. Springer, Cham. https://doi.org/10.1007/978-3-030-01141-3_6

  • DOI: https://doi.org/10.1007/978-3-030-01141-3_6

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-01140-6

  • Online ISBN: 978-3-030-01141-3

  • eBook Packages: Computer Science (R0)
