Using attack-defense trees to analyze threats and countermeasures in an ATM: A case study
Title | Using attack-defense trees to analyze threats and countermeasures in an ATM: A case study |
Publication Type | Conference Paper |
Year of Publication | 2016 |
Authors | Fraile M., Ford M., Gadyatskaya O., Kumar R., Stoelinga M.IA, Trujillo-Rasua R. |
Conference Name | 9th IFIP WG 8.1 Working Conference on The Practice of Enterprise Modeling (PoEM), Skövde, Sweden |
Publisher | Springer |
Conference Location | Berlin |
Abstract | Securing automated teller machines (ATMs), as critical and complex infrastructure, requires a precise understanding of the associated threats. This paper reports on the application of attack-defense trees to model and analyze the security of ATMs.We capture the most dangerous multi-stage attack scenarios applicable to ATM structures, and establish a practical experience report, where we re ect on the process of modeling ATM threats via attack-defense trees. In particular, we share our insights into the benets and drawbacks of attack-defense tree modeling, as well as best practices and lessons learned. |
DOI | 10.1007/978-3-319-48393-1_24 |