Attack Trees with Sequential Conjunction

Ravi Jhawar, Barbara Kordy (Lead / Corresponding author), Sjouke Mauw, Saša Radomirović, Rolando Trujillo-Rasua

Research output: Chapter in Book/Report/Conference proceedingConference contribution

37 Citations (Scopus)

Abstract

We provide the first formal foundation of SAND attack trees which are a popular extension of the well-known attack trees. The SAND attack tree formalism increases the expressivity of attack trees by introducing the sequential conjunctive operator SAND. This operator enables the modeling of ordered events. We give a semantics to SAND attack trees by interpreting them as sets of series-parallel graphs and propose a complete axiomatization of this semantics. We define normal forms for SAND attack trees and a term rewriting system which allows identification of semantically equivalent trees. Finally, we formalize how to quantitatively analyze SAND attack trees using attributes.

Original languageEnglish
Title of host publicationICT Systems Security and Privacy Protection
Subtitle of host publication30th IFIP TC 11 International Conference, SEC 2015 Hamburg, Germany, May 26–28, 2015 Proceedings
EditorsHannes Federrath, Dieter Gollmann
Place of PublicationSwitzerland
PublisherSpringer International Publishing
Pages339-353
Number of pages15
ISBN (Electronic)9783319184678
ISBN (Print)9783319184661
DOIs
Publication statusPublished - 2015
Event30th International Conference on ICT Systems Security and Privacy Protection - University of Hamburg, ESA Campus, Hamburg, Germany
Duration: 26 May 201528 May 2015
https://www.ifipsec.org/2015/ (Link to Conference website)

Publication series

NameIFIP Advances in Information and Communication Technology
Volume455
ISSN (Print)1868-4238
ISSN (Electronic)1868-422X

Conference

Conference30th International Conference on ICT Systems Security and Privacy Protection
Abbreviated titleIFIP SEC 2015
CountryGermany
CityHamburg
Period26/05/1528/05/15
Internet address

Fingerprint

Attack
Operator
Axiomatization
Normal form
Graph
Formalism
Modeling

Keywords

  • Attack trees
  • SAND
  • Security modeling
  • Sequential operators

Cite this

Jhawar, R., Kordy, B., Mauw, S., Radomirović, S., & Trujillo-Rasua, R. (2015). Attack Trees with Sequential Conjunction. In H. Federrath, & D. Gollmann (Eds.), ICT Systems Security and Privacy Protection : 30th IFIP TC 11 International Conference, SEC 2015 Hamburg, Germany, May 26–28, 2015 Proceedings (pp. 339-353). (IFIP Advances in Information and Communication Technology; Vol. 455). Switzerland: Springer International Publishing. https://doi.org/10.1007/978-3-319-18467-8_23
Jhawar, Ravi ; Kordy, Barbara ; Mauw, Sjouke ; Radomirović, Saša ; Trujillo-Rasua, Rolando. / Attack Trees with Sequential Conjunction. ICT Systems Security and Privacy Protection : 30th IFIP TC 11 International Conference, SEC 2015 Hamburg, Germany, May 26–28, 2015 Proceedings. editor / Hannes Federrath ; Dieter Gollmann . Switzerland : Springer International Publishing, 2015. pp. 339-353 (IFIP Advances in Information and Communication Technology).
@inproceedings{5596be70df304d2ba8088e3cf05bde8a,
title = "Attack Trees with Sequential Conjunction",
abstract = "We provide the first formal foundation of SAND attack trees which are a popular extension of the well-known attack trees. The SAND attack tree formalism increases the expressivity of attack trees by introducing the sequential conjunctive operator SAND. This operator enables the modeling of ordered events. We give a semantics to SAND attack trees by interpreting them as sets of series-parallel graphs and propose a complete axiomatization of this semantics. We define normal forms for SAND attack trees and a term rewriting system which allows identification of semantically equivalent trees. Finally, we formalize how to quantitatively analyze SAND attack trees using attributes.",
keywords = "Attack trees, SAND, Security modeling, Sequential operators",
author = "Ravi Jhawar and Barbara Kordy and Sjouke Mauw and Saša Radomirović and Rolando Trujillo-Rasua",
note = "The research leading to these results has received funding from the European Union Seventh Framework Programme under grant agreement number 318003 (TREsPASS) and from the Fonds National de la Recherche Luxembourg under grant C13/IS/5809105.",
year = "2015",
doi = "10.1007/978-3-319-18467-8_23",
language = "English",
isbn = "9783319184661",
series = "IFIP Advances in Information and Communication Technology",
publisher = "Springer International Publishing",
pages = "339--353",
editor = "Federrath, {Hannes } and {Gollmann }, {Dieter }",
booktitle = "ICT Systems Security and Privacy Protection",
address = "Switzerland",

}

Jhawar, R, Kordy, B, Mauw, S, Radomirović, S & Trujillo-Rasua, R 2015, Attack Trees with Sequential Conjunction. in H Federrath & D Gollmann (eds), ICT Systems Security and Privacy Protection : 30th IFIP TC 11 International Conference, SEC 2015 Hamburg, Germany, May 26–28, 2015 Proceedings. IFIP Advances in Information and Communication Technology, vol. 455, Springer International Publishing, Switzerland, pp. 339-353, 30th International Conference on ICT Systems Security and Privacy Protection, Hamburg, Germany, 26/05/15. https://doi.org/10.1007/978-3-319-18467-8_23

Attack Trees with Sequential Conjunction. / Jhawar, Ravi; Kordy, Barbara (Lead / Corresponding author); Mauw, Sjouke; Radomirović, Saša; Trujillo-Rasua, Rolando.

ICT Systems Security and Privacy Protection : 30th IFIP TC 11 International Conference, SEC 2015 Hamburg, Germany, May 26–28, 2015 Proceedings. ed. / Hannes Federrath; Dieter Gollmann . Switzerland : Springer International Publishing, 2015. p. 339-353 (IFIP Advances in Information and Communication Technology; Vol. 455).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Attack Trees with Sequential Conjunction

AU - Jhawar, Ravi

AU - Kordy, Barbara

AU - Mauw, Sjouke

AU - Radomirović, Saša

AU - Trujillo-Rasua, Rolando

N1 - The research leading to these results has received funding from the European Union Seventh Framework Programme under grant agreement number 318003 (TREsPASS) and from the Fonds National de la Recherche Luxembourg under grant C13/IS/5809105.

PY - 2015

Y1 - 2015

N2 - We provide the first formal foundation of SAND attack trees which are a popular extension of the well-known attack trees. The SAND attack tree formalism increases the expressivity of attack trees by introducing the sequential conjunctive operator SAND. This operator enables the modeling of ordered events. We give a semantics to SAND attack trees by interpreting them as sets of series-parallel graphs and propose a complete axiomatization of this semantics. We define normal forms for SAND attack trees and a term rewriting system which allows identification of semantically equivalent trees. Finally, we formalize how to quantitatively analyze SAND attack trees using attributes.

AB - We provide the first formal foundation of SAND attack trees which are a popular extension of the well-known attack trees. The SAND attack tree formalism increases the expressivity of attack trees by introducing the sequential conjunctive operator SAND. This operator enables the modeling of ordered events. We give a semantics to SAND attack trees by interpreting them as sets of series-parallel graphs and propose a complete axiomatization of this semantics. We define normal forms for SAND attack trees and a term rewriting system which allows identification of semantically equivalent trees. Finally, we formalize how to quantitatively analyze SAND attack trees using attributes.

KW - Attack trees

KW - SAND

KW - Security modeling

KW - Sequential operators

UR - http://www.scopus.com/inward/record.url?scp=84942693318&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-18467-8_23

DO - 10.1007/978-3-319-18467-8_23

M3 - Conference contribution

AN - SCOPUS:84942693318

SN - 9783319184661

T3 - IFIP Advances in Information and Communication Technology

SP - 339

EP - 353

BT - ICT Systems Security and Privacy Protection

A2 - Federrath, Hannes

A2 - Gollmann , Dieter

PB - Springer International Publishing

CY - Switzerland

ER -

Jhawar R, Kordy B, Mauw S, Radomirović S, Trujillo-Rasua R. Attack Trees with Sequential Conjunction. In Federrath H, Gollmann D, editors, ICT Systems Security and Privacy Protection : 30th IFIP TC 11 International Conference, SEC 2015 Hamburg, Germany, May 26–28, 2015 Proceedings. Switzerland: Springer International Publishing. 2015. p. 339-353. (IFIP Advances in Information and Communication Technology). https://doi.org/10.1007/978-3-319-18467-8_23