Home > Publications
Home University of Twente
Prospective Students
Intranet (internal)

EEMCS EPrints Service

26352 Calculating Adversarial Risk from Attack Trees: Control Strength and Probabilistic Attackers
Home Policy Brochure Browse Search User Area Contact Help

Pieters, W. and Davarynejad, M. (2015) Calculating Adversarial Risk from Attack Trees: Control Strength and Probabilistic Attackers. In: 9th International Workshop on Data Privacy Management, Autonomous Spontaneous Security, and Security Assurance (DPM), 10-11 Sep 2014, Wroclaw, Poland. pp. 201-215. Lecture Notes in Computer Science 8872 . Springer. ISSN 0302-9743 ISBN 978-3-319-17015-2

Full text available as:

- Univ. of Twente only
693 Kb

Official URL:

Exported to Metis


Attack trees are a well-known formalism for quantitative analysis of cyber attacks consisting of multiple steps and alternative paths. It is possible to derive properties of the overall attacks from properties of individual steps, such as cost for the attacker and probability of success. However, in existing formalisms, such properties are considered independent. For example, investing more in an attack step would not increase the probability of success. As this seems counterintuitive, we introduce a framework for reasoning about attack trees based on the notion of control strength, annotating nodes with a function from attacker investment to probability of success. Calculation rules on such trees are defined to enable analysis of optimal attacker investment. Our second result consists of the translation of optimal attacker investment into the associated adversarial risk, yielding what we call adversarial risk trees. The third result is the introduction of probabilistic attacker strate- gies, based on the fitness (utility) of available scenarios. Together these contributions improve the possibilities for using attack trees in adversarial risk analysis.

Item Type:Conference or Workshop Paper (Full Paper, Talk)
Research Group:EWI-SCS: Services, Cyber security and Safety
Research Program:CTIT-General
Research Project:TREsPASS: Technology-supported Risk Estimation By Predictive Assessment Of Socio-technical Security
Additional Information:Foreground = 100%; Type of activity = Conference; Main leader = TUD; Type of audience = Scientific community; Size of audience = 20; Countries addressed = International;
Uncontrolled Keywords:Adversarial risk analysis, Attack trees, Attacker models, Control strength, Fitness functions, Security metrics, simulation
ID Code:26352
Deposited On:22 October 2015
More Information:statisticsmetis

Export this item as:

To request a copy of the PDF please email us request copy

To correct this item please ask your editor

Repository Staff Only: edit this item