
Cyber-Attack Risks Analysis Based on Attack-Defense Trees

  • Conference paper

Part of the book series: Lecture Notes on Data Engineering and Communications Technologies (LNDECT, volume 6)

Abstract

Considering the lack of theoretical analysis for systems under complicated attacks, a framework was proposed to analyze attack risks based on attack-defense trees. The attack period was divided into an attack phase and a defense phase, and metrics were defined. First, action nodes were constructed by collecting system vulnerabilities and capturing invasive events, and defense strategies were mapped to defense nodes in the tree structure. Formal definitions were also given, and an attack-defense tree with metrics was constructed using ADTool and relevant algorithms. In addition, the concepts of ROA (Return on Attack) and ROI (Return on Investment) were introduced to analyze system risk as well as to evaluate countermeasures. Finally, a risk analysis framework based on attack-defense trees was established, and a numerical case was given to demonstrate the proposed approach. The result showed that the framework could clearly describe the practical scenario of the interaction between attacks and defenses. The objective of risk analysis and countermeasure evaluation could be achieved.


Notes

  1. Available at https://www.first.org/cvss.


Acknowledgments

This work was partially supported by the National Natural Science Foundation of China (61572521).

Author information

Corresponding author

Correspondence to Wenjun Sun.


Copyright information

© 2018 Springer International Publishing AG

About this paper

Cite this paper

Sun, W., Lv, L., Su, Y., Wang, X.A. (2018). Cyber-Attack Risks Analysis Based on Attack-Defense Trees. In: Barolli, L., Zhang, M., Wang, X. (eds) Advances in Internetworking, Data & Web Technologies. EIDWT 2017. Lecture Notes on Data Engineering and Communications Technologies, vol 6. Springer, Cham. https://doi.org/10.1007/978-3-319-59463-7_67


  • DOI: https://doi.org/10.1007/978-3-319-59463-7_67

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-59462-0

  • Online ISBN: 978-3-319-59463-7

  • eBook Packages: Engineering, Engineering (R0)
