Go to DBLP homepageAttack-Tree Series: A Case for Dynamic Attack Tree Analysis
Abstract: Attack trees are a popular model for security scenario analysis. Yet, they are currently treated in the literature as a static model and are not suitable for dynamic security monitoring. In this paper we introduce attack-tree series, a time-indexed set of attack trees, as a model to capture and visualize the evolution of security scenarios. This model supports changes in the attack tree structure as well as changes in the data values. We introduce the notion of a temperature function as a special type of attribute that expresses the importance of change in the data values. We also introduce a consistency predicate on attack trees to allow inter-relating the evolving scenarios captured as attack trees. Finally, we discuss various application scenarios for attack-tree series and we demonstrate on a case study how the proposed ideas can be implemented to visualize historical trends.
Loading