Sciweavers

IWSEC
2010
Springer

Optimal Adversary Behavior for the Serial Model of Financial Attack Trees

13 years 11 months ago
Optimal Adversary Behavior for the Serial Model of Financial Attack Trees
Abstract. Attack tree analysis is used to estimate different parameters of general security threats based on information available for atomic subthreats. We focus on estimating the expected gains of an adversary based on both the cost and likelihood of the subthreats. Such a multi-parameter analysis is considerably more complicated than separate probability or skill level estimation, requiring exponential time in general. However, this paper shows that under reasonable assumptions a completely different type of optimal substructure exists which can be harnessed into a linear-time algorithm for optimal gains estimation. More concretely, we use a decision-theoretic framework in which a rational adversary sequentially considers and performs the available attacks. The assumption of rationality serves as an upper bound as any irrational behavior will just hurt the end result of the adversary himself. We show that if the attacker considers the attacks in a goal-oriented way, his optimal expe...
Margus Niitsoo
Added 28 Jan 2011
Updated 28 Jan 2011
Type Journal
Year 2010
Where IWSEC
Authors Margus Niitsoo
Comments (0)