Formalising attack trees to support economic analysis

Andrew C. Simpson; Matthias Dellago; Daniel W. Woods

doi:10.1093/comjnl/bxac170

Formalising attack trees to support economic analysis

Andrew C. Simpson, Matthias Dellago, Daniel W. Woods

Research output: Contribution to journal › Article › peer-review

Abstract

Attack trees and attack graphs are both examples of what one might term attack modelling techniques. The primary purpose of such techniques is to help establish and enumerate the ways in which a system could be compromised; as such, they play a key role in the (security) risk analysis process. Given their role and the consequent need to ensure that they are correct, there are good reasons for capturing such artefacts in a formal manner. We describe such a formal approach, which has been motivated by a desire to model attacks from the perspectives of attackers, to support economic analysis. As an illustration, we consider exploitation cost.

Original language	English
Article number	bxac170
Number of pages	16
Journal	The Computer Journal
Early online date	30 Nov 2022
DOIs	https://doi.org/10.1093/comjnl/bxac170
Publication status	E-pub ahead of print - 30 Nov 2022

Keywords

Attack Trees
Formal Modelling
Z
Information Security Economics

Access to Document

10.1093/comjnl/bxac170Licence: All Rights Reserved

Formalising attack_SIMPSON_DOA15102022_AFVAccepted author manuscript, 459 KBLicence: Creative Commons: Attribution (CC-BY)

https://academic.oup.com/comjnl/advance-article/doi/10.1093/comjnl/bxac170/6855081?searchresult=1Licence: All Rights Reserved

Cite this

@article{4df04c0219f54fd1a4cf7cc2656b52fd,

title = "Formalising attack trees to support economic analysis",

abstract = "Attack trees and attack graphs are both examples of what one might term attack modelling techniques. The primary purpose of such techniques is to help establish and enumerate the ways in which a system could be compromised; as such, they play a key role in the (security) risk analysis process. Given their role and the consequent need to ensure that they are correct, there are good reasons for capturing such artefacts in a formal manner. We describe such a formal approach, which has been motivated by a desire to model attacks from the perspectives of attackers, to support economic analysis. As an illustration, we consider exploitation cost.",

keywords = "Attack Trees, Formal Modelling, Z, Information Security Economics",

author = "Simpson, {Andrew C.} and Matthias Dellago and Woods, {Daniel W.}",

year = "2022",

month = nov,

day = "30",

doi = "10.1093/comjnl/bxac170",

language = "English",

journal = "The Computer Journal",

issn = "0010-4620",

publisher = "Oxford University Press",

}

TY - JOUR

T1 - Formalising attack trees to support economic analysis

AU - Simpson, Andrew C.

AU - Dellago, Matthias

AU - Woods, Daniel W.

PY - 2022/11/30

Y1 - 2022/11/30

N2 - Attack trees and attack graphs are both examples of what one might term attack modelling techniques. The primary purpose of such techniques is to help establish and enumerate the ways in which a system could be compromised; as such, they play a key role in the (security) risk analysis process. Given their role and the consequent need to ensure that they are correct, there are good reasons for capturing such artefacts in a formal manner. We describe such a formal approach, which has been motivated by a desire to model attacks from the perspectives of attackers, to support economic analysis. As an illustration, we consider exploitation cost.

AB - Attack trees and attack graphs are both examples of what one might term attack modelling techniques. The primary purpose of such techniques is to help establish and enumerate the ways in which a system could be compromised; as such, they play a key role in the (security) risk analysis process. Given their role and the consequent need to ensure that they are correct, there are good reasons for capturing such artefacts in a formal manner. We describe such a formal approach, which has been motivated by a desire to model attacks from the perspectives of attackers, to support economic analysis. As an illustration, we consider exploitation cost.

KW - Attack Trees

KW - Formal Modelling

KW - Z

KW - Information Security Economics

U2 - 10.1093/comjnl/bxac170

DO - 10.1093/comjnl/bxac170

M3 - Article

JO - The Computer Journal

JF - The Computer Journal

SN - 0010-4620

M1 - bxac170

ER -

Formalising attack trees to support economic analysis

Abstract

Keywords

Access to Document

Fingerprint

Cite this