Attack trees are often used to analyze a system or detect application programs attacks. To aid in software design, a method to create safe and stable systems should be created. An attack tree has multiple levels and is composed of different nodes, including root nodes, internal nodes, and leaf nodes. These nodes can be separated into parent nodes and child nodes when discussing their relation. Child nodes are defined as conditions that must be satisfied to make their direct parent nodes true. Although an attack tree can express vertical relationships between nodes well, it usually ignores parallel relationships of different branch nodes. Moreover, the relation between parent-child nodes may be inaccurate due to a poorly designed attack tree. To solve these problems, we present a new way to derive an attack tree system in which the initial attack tree is reconstructed into a new attack tree using Interpretive Structural Modeling (abbr. ISM). The proposed method can easily correct the relation between parent-child nodes and identify horizontal relationships. Finally, the proposed method derives a clear attack tree for more precise system's threat analysis and better defensive measures.
|ジャーナル||CEUR Workshop Proceedings|
|出版ステータス||Published - 2021|
|イベント||2018 International Workshop on Evidence-Based Security and Privacy in the Wild and the 1st International Workshop on Machine Learning Systems Engineering, WESPr-iMLSE 2018 - Nara, Japan|
継続期間: 2018 12 4 → …
ASJC Scopus subject areas
- Computer Science(all)