# Attribute Evaluation on Attack Trees with Incomplete Information

**Authors:** Ahto Buldas, Olga Gadyatskaya, Aleksandr Lenin, Sjouke Mauw and, Rolando Trujillo-Rasua

arXiv: 1812.10754 · 2019-01-11

## TL;DR

This paper introduces a generalized method for evaluating attack trees with incomplete or inconsistent data, allowing for more flexible and approximate security analysis using constraint programming.

## Contribution

It extends existing attack tree evaluation methods by enabling initial values for non-leaf nodes, additional relations, and approximate solutions for inconsistencies.

## Key findings

- Method effectively handles incomplete data scenarios.
- Supports approximate solutions in case of inconsistent data.
- Case study demonstrates practical applicability.

## Abstract

Attack trees are considered a useful tool for security modelling because they support qualitative as well as quantitative analysis. The quantitative approach is based on values associated to each node in the tree, expressing, for instance, the minimal cost or probability of an attack. Current quantitative methods for attack trees allow the analyst to, based on an initial assignment of values to the leaf nodes, derive the values of the higher nodes in the tree. In practice, however, it shows to be very difficult to obtain reliable values for all leaf nodes. The main reasons are that data is only available for some of the nodes, that data is available for intermediate nodes rather than for the leaf nodes, or even that the available data is inconsistent. We address these problems by developing a generalisation of the standard bottom-up calculation method in three ways. First, we allow initial attributions of non-leaf nodes. Second, we admit additional relations between attack steps beyond those provided by the underlying attack tree semantics. Third, we support the calculation of an approximative solution in case of inconsistencies. We illustrate our method, which is based on constraint programming, by a comprehensive case study.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1812.10754/full.md

## Figures

9 figures with captions in the complete paper: https://tomesphere.com/paper/1812.10754/full.md

## References

50 references — full list in the complete paper: https://tomesphere.com/paper/1812.10754/full.md

---
Source: https://tomesphere.com/paper/1812.10754