Skip to Main content Skip to Navigation
Conference papers

Is my attack tree correct?

Maxime Audinot 1, * Sophie Pinchinat 1 Barbara Kordy 2, 3
* Corresponding author
1 LogicA - Logic and Applications
IRISA-D4 - LANGAGE ET GÉNIE LOGICIEL, UR1 - Université de Rennes 1, ENS Cachan - École normale supérieure - Cachan
2 EMSEC - EMbedded SEcurity and Cryptography
IRISA-D1 - SYSTÈMES LARGE ÉCHELLE
Abstract : Attack trees are a popular way to represent and evaluate potential security threats on systems or infrastructures. The goal of this work is to provide a framework allowing to express and check whether an attack tree is consistent with the analyzed system. We model real systems using transition systems and introduce attack trees with formally specified node labels. We formulate the cor-rectness properties of an attack tree with respect to a system and study the complexity of the corresponding decision problems. The proposed framework can be used in practice to assist security experts in manual creation of attack trees and enhance development of tools for automated generation of attack trees.
Document type :
Conference papers
Complete list of metadata

Cited literature [28 references]  Display  Hide  Download

https://hal.inria.fr/hal-01686505
Contributor : Maxime Audinot <>
Submitted on : Wednesday, January 17, 2018 - 2:43:27 PM
Last modification on : Monday, February 15, 2021 - 10:42:50 AM
Long-term archiving on: : Sunday, May 6, 2018 - 5:35:20 AM

File

main.pdf
Files produced by the author(s)

Identifiers

Citation

Maxime Audinot, Sophie Pinchinat, Barbara Kordy. Is my attack tree correct?. ESORICS 2017 - 22nd European Symposium on Research in Computer Security, Sep 2017, Oslo, Norway. pp.83-102, ⟨10.1007/978-3-319-66402-6_7⟩. ⟨hal-01686505⟩

Share

Metrics

Record views

405

Files downloads

299