Research article, DOI: 10.1145/3590003.3590012

MergeTree: a Tree Model with Merged Nodes for Threat Induction

Published: 29 May 2023

Abstract

The threat tree model clearly organizes threat induction information and is therefore widely used for risk analysis in software assurance. A threat tree grows into a complicated structure, e.g., in the number of nodes and branches, as the volume of threat information becomes huge. To improve the scalability of the threat tree model, we propose a tree model with merged nodes that largely decreases the number of nodes and branches. The formal model and dedicated algorithms are presented in detail. The experimental results show the practicality of MergeTree. We also formally analyze the soundness and completeness of the proposed model.


    Published In

    CACML '23: Proceedings of the 2023 2nd Asia Conference on Algorithms, Computing and Machine Learning
    March 2023
    598 pages
    ISBN:9781450399449
    DOI:10.1145/3590003

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Author Tags

    1. Risk Analysis
    2. Semantics
    3. Software Assurance
    4. Threat Tree

    Qualifiers

    • Research-article
    • Research
    • Refereed limited

    Funding Sources

    • the Science and Technology Program of Guangzhou, China

    Conference

    CACML 2023

    Acceptance Rates

    CACML '23 Paper Acceptance Rate 93 of 241 submissions, 39%;
    Overall Acceptance Rate 93 of 241 submissions, 39%

    Article Metrics

    • Total Citations: 0
    • Total Downloads: 24
    • Downloads (Last 12 months): 16
    • Downloads (Last 6 weeks): 0
    Reflects downloads up to 14 Sep 2024
