Abstract
Considering the lack of theoretical analysis for systems under complicated attacks, a framework was proposed to analyze attack risks based on attack-defense trees. The attack period was divided into attack phase and defense phase and metrics was defined. First, action nodes were constructed by collecting system vulnerabilities and capturing invasive events, and defense strategies were mapped to defense nodes in the tree structure. Besides, formal definitions were given and attack-defense tree with metrics was constructed using ADTool and relevant algorithms. In addition, concepts of ROA (Return on attack) and ROI (Return on Investment) were introduced to analyze system risk as well as to evaluate countermeasures. Finally, a risk analysis framework based on attack-defense trees was established and numerical case was given to demonstrate the proposed approach. The result showed that the framework could clearly describe the practical scenario of the interaction between attacks and defenses. The objective of risk analysis and countermeasures evaluation could be achieved.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
Available at https://www.first.org/cvss.
References
Bencsáth, B., Pék, G., Buttyán, L., Felegyhazi, M.: The cousins of stuxnet: Duqu, flame, and gauss. Future Internet 4(4), 971–1003 (2012)
Virvilis, N., Gritzalis, D.: The big four-what we did wrong in advanced persistent threat detection? In: 2013 Eighth International Conference on Availability, Reliability and Security (ARES), pp. 248–254. IEEE, September 2013
Laszka, A., Johnson, B., Grossklags, J.: Mitigating covert compromises. In: International Conference on Web and Internet Economics, pp. 319–332. Springer, Heidelberg, December 2013
Kordy, B., Kordy, P., Mauw, S., Schweitzer, P.: ADTool: security analysis with attack–defense trees. In: International Conference on Quantitative Evaluation of Systems, pp. 173–176. Springer, Heidelberg, August 2013
Gadyatskaya, O., Jhawar, R., Kordy, P., Lounis, K., Mauw, S., Trujillo-Rasua, R.: Attack trees for practical security assessment: ranking of attack scenarios with ADTool 2.0. In: International Conference on Quantitative Evaluation of Systems, pp. 159–162. Springer International Publishing, August 2016
Schneier, B.: Attack trees. Dobb’s J. 24(12), 21–29 (1999)
Moore, A.P., Ellison, R.J., Linger, R.C.: Attack modeling for information security and survivability. Carnegie-Mellon Univ Pittsburgh PA Software Engineering Inst (No. CMU-SEI-2001-TN-001) (2001)
Edge, K.S., Dalton, G.C., Raines, R.A., Mills, R.F.: Using attack and protection trees to analyze threats and defenses to homeland security. In: IEEE Military Communications Conference, MILCOM 2006, pp. 1–7. IEEE, October 2006
Bistarelli, S., Fioravanti, F., Peretti, P.: Defense trees for economic evaluation of security investments. In: The First International Conference on Availability, Reliability and Security, 2006, ARES 2006, pp. 8–pp. IEEE, April 2006
Roy, A., Kim, D.S., Trivedi, K.S.: Attack countermeasure trees (ACT): towards unifying the constructs of attack and defense trees. Secur. Commun. Netw. 5(8), 929–943 (2012)
Kordy, B., Mauw, S., Radomirović, S., Schweitzer, P.: Foundations of attack–defense trees. In: International Workshop on Formal Aspects in Security and Trust, pp. 80–95. Springer, Heidelberg, September 2010
Kordy, B., Mauw, S., Radomirović, S., Schweitzer, P.: Attack–defense trees. J. Logic Comput. 24, 55–87 (2012). exs029
Du, S., Li, X., Du, J., Zhu, H.: An attack-and-defence game for security assessment in vehicular ad hoc networks. Peer-to-peer Netw. Appl. 7(3), 215–228 (2014)
Ji, X., Yu, H., Fan, G., Fu, W.: Attack-defense trees based cyber security analysis for CPSs. In: 2016 17th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD), pp. 693–698. IEEE, May 2016
Wueest, C.: Targeted Attacks Against the Energy Sector. Symantec Security Response, Mountain View (2014)
Acknowledgments
This work was partially supported by the National Natural Science Foundation of China (61572521).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Sun, W., Lv, L., Su, Y., Wang, X.A. (2018). Cyber-Attack Risks Analysis Based on Attack-Defense Trees. In: Barolli, L., Zhang, M., Wang, X. (eds) Advances in Internetworking, Data & Web Technologies. EIDWT 2017. Lecture Notes on Data Engineering and Communications Technologies, vol 6. Springer, Cham. https://doi.org/10.1007/978-3-319-59463-7_67
Download citation
DOI: https://doi.org/10.1007/978-3-319-59463-7_67
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-59462-0
Online ISBN: 978-3-319-59463-7
eBook Packages: EngineeringEngineering (R0)