Attack trees and attack graphs are both examples of what one might term attack modelling techniques. The primary purpose of such techniques is to help establish and enumerate the ways in which a system could be compromised; as such, they play a key role in the (security) risk analysis process. Given their role and the consequent need to ensure that they are correct, there are good reasons for capturing such artefacts in a formal manner. We describe such a formal approach, which has been motivated by a desire to model attacks from the perspectives of attackers, to support economic analysis. As an illustration, we consider exploitation cost.
| Field | Value |
|---|---|
| Number of pages | 16 |
| Journal | The Computer Journal |
| Early online date | 30 Nov 2022 |
| Publication status | E-pub ahead of print - 30 Nov 2022 |

- Attack Trees
- Formal Modelling
- Information Security Economics