A Probabilistic Framework for Security Scenarios with Dependent Actions
|Title||A Probabilistic Framework for Security Scenarios with Dependent Actions|
|Publication Type||Conference Paper|
|Year of Publication||2014|
|Authors||Kordy B., Pouly M., Schweizer P.|
|Editor||Albert E., Sekereinsk E.|
|Conference Name||11th International Conference on Integrated Formal Methods, IFM 2014, Bertinoro, Italy|
This work addresses the growing need of performing meaningful probabilistic analysis of security. We propose a framework that integrates the graphical security modeling technique of attack-defense trees with probabilistic information expressed in terms of Bayesian networks. This allows us to perform probabilistic evaluation of attack-defense scenarios involving dependent actions. To improve the efficiency of our computations, we make use of inference algorithms from Bayesian networks and encoding techniques from constraint reasoning. We discuss the algebraic theory underlying our framework and point out several generalizations which are possible thanks to the use of semiring theory.