# Hackers vs. Security: Attack-Defence Trees as Asynchronous Multi-Agent   Systems

**Authors:** Jaime Arias, Carlos E. Budde, Wojciech Penczek, Laure Petrucci,, Mari\"elle Stoelinga

arXiv: 1906.05283 · 2019-10-24

## TL;DR

This paper enhances Attack-Defence Trees with reactive patterns and attributes, modeling them as Asynchronous Multi-Agent Systems to enable quantitative security analysis and parametric verification.

## Contribution

It introduces a systematic transformation of ADTs into EAMAS, allowing for quantitative analysis and verification of security scenarios.

## Key findings

- Enriched ADTs with reactive patterns, time, and cost attributes.
- Systematic transformation ensures correctness and enables quantitative analysis.
- Case studies demonstrate the approach using Uppaal and IMITATOR tools.

## Abstract

Attack-Defence Trees (ADTs) are well-suited to assess possible attacks to systems and the efficiency of counter-measures. In this paper, we first enrich the available constructs with reactive patterns that cover further security scenarios, and equip all constructs with attributes such as time and cost to allow quantitative analyses. Then, ADTs are modelled as (an extension of) Asynchronous Multi-Agents Systems--EAMAS. The ADT-EAMAS transformation is performed in a systematic manner that ensures correctness. The transformation allows us to quantify the impact of different agents configurations on metrics such as attack time. Using EAMAS also permits parametric verification: we derive constraints for property satisfaction. Our approach is exercised on several case studies using the Uppaal and IMITATOR tools.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1906.05283/full.md

## Figures

17 figures with captions in the complete paper: https://tomesphere.com/paper/1906.05283/full.md

## References

23 references — full list in the complete paper: https://tomesphere.com/paper/1906.05283/full.md

---
Source: https://tomesphere.com/paper/1906.05283