DAG-Based Attack and Defense Modeling: Don't Miss the Forest for the Attack Trees
| Title | DAG-Based Attack and Defense Modeling: Don't Miss the Forest for the Attack Trees |
| Publication Type | Journal Article |
| Year of Publication | 2015 |
| Authors | Kordy B.K, Piètre-Cambacédès L., Schweitzer P. |
| Journal | Computer Science Review |
| Volume | 13-14 |
| Pagination | 1–38 |
| Date Published | November |
| ISSN | 1574-0137 |
| Keywords | Attack and defense modeling, attack trees, Bayesian networks, Graphical models for security, Quantitative and qualitative security assessment, Security measures |
| Abstract | This paper presents the current state of the art on attack and defense modeling approaches that are based on directed acyclic graphs (DAGs). DAGs allow for a hierarchical decomposition of complex scenarios into simple, easily understandable and quantifiable actions. Methods based on threat trees and Bayesian networks are two well-known approaches to security modeling. However, there exist more than 30 DAG-based methodologies, each having different features and goals. The objective of this survey is to summarize the existing methodologies, compare their features, and propose a taxonomy of the described formalisms. This article also supports the selection of an adequate modeling technique depending on user requirements. |
| DOI | 10.1016/j.cosrev.2014.07.001 |


