A Stochastic Framework for Quantitative Analysis of Attack-Defense Trees
|Title||A Stochastic Framework for Quantitative Analysis of Attack-Defense Trees|
|Publication Type||Conference Paper|
|Year of Publication||2016|
|Authors||Jhawar R., Lounis K., Mauw S.|
|Conference Name||12th International Workshop on Security and Trust Management, STM 2016, Heraklion, Crete, Greece|
|Publisher||Springer International Publishing|
Cyber attacks are becoming increasingly complex, practically sophisticated and organized. Losses due to such attacks are important, varying from the loss of money to business reputation spoilage. Therefore, there is a great need for potential victims of cyber attacks to deploy security solutions that allow the identification and/or prediction of potential cyber attacks, and deploy defenses to face them. In this paper, we propose a framework that incorporates Attack-Defense trees (ADTrees) and Continuous Time Markov Chains (CTMCs) to systematically represent attacks, defenses, and their interaction. This solution allows to perform quantitative security assessment, with an aim to predict and/or identify attacks and find the best and appropriate defenses to reduce the impact of attacks.