Attack Tree Generation by Policy Invalidation

TitleAttack Tree Generation by Policy Invalidation
Publication TypeConference Paper
Year of Publication2015
AuthorsIvanova M.G, Probst C.W, Hansen R.R, Kammueller F.
EditorR. Akram N, Jajodia S.
Conference Name9th IFIP WG 11.2 International Conference on Information Security Theory and Practice, WISTP 2015, Heraklion, Crete, Greece
Date PublishedAugust
PublisherSpringer Verlag
Conference LocationBerlin
KeywordsAttack Tree Generation, Policy Invalidation

Attacks on systems and organisations increasingly exploit human actors, for example through social engineering, complicating their formal treatment and automatic identification. Formalisation of human behaviour is di?cult at best, and attacks on socio-technical systems are still mostly identified through brainstorming of experts. In this work we formalize attack tree generation including human factors; based on recent advances in system models we develop a technique to identify possible attacks analytically, including technical and human factors. Our systematic attack generation is based on invalidating policies in the sys- tem model by identifying possible sequences of actions that lead to an attack. The generated attacks are precise enough to illustrate the threat, and they are general enough to hide the details of individual steps.