Abstract
We consider attack trees that can contain OR-, AND- and SAND-nodes. Relying on a formal notion of library inspired by context-free grammars, we introduce a generic attack tree synthesis problem that takes such a library and a trace as inputs. We show that this synthesis problem is NP-complete. The NP membership relies on an involved adaptation of the so-called CYK parsing algorithm. The NP-hardness is established via a reduction from a recent covering problem. Finally, we show that the addressed synthesis problem collapses down to P for bounded-AND-arity libraries.
Notes
- 1. CVE is a dictionary of publicly disclosed cybersecurity vulnerabilities and exposures: https://cve.mitre.org/cve/.
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Pinchinat, S., Schwarzentruber, F., Lê Cong, S. (2020). Library-Based Attack Tree Synthesis. In: Eades III, H., Gadyatskaya, O. (eds) Graphical Models for Security. GraMSec 2020. Lecture Notes in Computer Science, vol 12419. Springer, Cham. https://doi.org/10.1007/978-3-030-62230-5_2
DOI: https://doi.org/10.1007/978-3-030-62230-5_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-62229-9
Online ISBN: 978-3-030-62230-5
eBook Packages: Computer Science (R0)