Efficient Algorithms for Quantitative Attack Tree Analysis

Carlos E. Budde; Mari\"elle Stoelinga

arXiv:2105.07511·cs.CR·September 29, 2022

Efficient Algorithms for Quantitative Attack Tree Analysis

Carlos E. Budde, Mari\"elle Stoelinga

PDF

TL;DR

This paper introduces new algorithms for analyzing quantitative attack trees, classifying them into different types and efficiently computing various security metrics with complexity analysis.

Contribution

It proposes novel algorithms for different classes of attack trees that work over a generic attribute domain, expanding analysis capabilities.

Findings

01

Algorithms for proper trees and DAGs with shared subtrees

02

Analysis of computational complexity of proposed methods

03

Applicability to a wide range of security metrics

Abstract

Numerous analysis methods for quantitative attack tree analysis have been proposed. These algorithms compute relevant security metrics, i.e. performance indicators that quantify how good the security of a system is, such as the most likely attack, the cheapest, or the most damaging one. This paper classifies attack trees in two dimensions: proper trees vs. directed acyclic graphs (i.e. with shared subtrees); and static vs. dynamic gates. For each class, we propose novel algorithms that work over a generic attribute domain, encompassing a large number of concrete security metrics defined on the attack tree semantics. We also analyse the computational complexity of our methods.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.