Research Article
Quantitative Analysis of Attack Defense Trees
@INPROCEEDINGS{10.1007/978-3-030-92511-6_13, author={Nihal Pekergin and Sovanna Tan}, title={Quantitative Analysis of Attack Defense Trees}, proceedings={Performance Evaluation Methodologies and Tools. 14th EAI International Conference, VALUETOOLS 2021, Virtual Event, October 30--31, 2021, Proceedings}, proceedings_a={VALUETOOLS}, year={2021}, month={12}, keywords={Attack defense tree Discrete probability distribution Stochastic bounds}, doi={10.1007/978-3-030-92511-6_13} }- Nihal Pekergin
Sovanna Tan
Year: 2021
Quantitative Analysis of Attack Defense Trees
VALUETOOLS
Springer
DOI: 10.1007/978-3-030-92511-6_13
Abstract
The quantitative analysis of Attack Tree models brings insights on the underlying security-critical systems. Having information on temporal behaviours of such systems lets us check whether at a given time, the probability that the system is compromised is less than a critical threshold or not. Moreover the evaluation of the countermeasure efficiency and the determination of eventual reinforcements of security-critical systems are very important. In this paper, we extend the approach proposed in [11] for numerical analysis of the Attack Tree models to the Attack Defense Tree analysis. The completion times of attacks and countermeasures are defined by finite discrete random variables. The output distribution of the root of an Attack Defense Tree is computed by a bottom-up approach. However the size of the output distribution can become quickly very large. We prove that the method which consists in deriving bounding distributions of reduced sizes by means of the stochastic comparison method can be used in the presence of counter-measure gates.
