Cyber Security in Terms of IoT System and Blockchain Technologies in E-Healthcare Systems
Published in Sourav Banerjee, Chinmay Chakraborty, Kousik Dasgupta, Green Computing and Predictive Analytics for Healthcare, 2020
Sudipta Paul, Subhankar Mishra
Bruce Schneier popularized this term, which is basically a tree with a “goal” or attack as the root and the ways to “achieve” it as the leaf nodes (Russell and Van Duren 2016). In this way we can model the threats in a humanly understandable way. In an attack tree, from the bottom up, the child nodes are the conditions that will eventually satisfy the immediate parent node, which may itself be a child node of another parent node, and finally, when the root node is achieved, it is assured that the attack is completed. Therefore, an attack tree is a very good way to trace out the path of a malicious attack in order to take appropriate measures. Attack tree modeling software is of two kinds, i.e. open source (ADTool of University of Luxembourg, Ent, Seamonster) and commercial (Attacktree+ from Isograph and SecurITree from Amenaza Technologies).
A Model for and Inventory of Cybersecurity Values: Metrics and Best Practices
Published in Natalie M. Scala, James P. Howard, Handbook of Military and Defense Operations Research, 2020
Natalie M. Scala, Paul L. Goethals
Perhaps one of the most popular tools for threat modeling is the attack tree, first documented in the literature by the cryptographer Schneier (1999). The concept, illustrated in Figure 14.1, utilizes a diagram consisting of branches to represent various attack avenues, whereby an adversary achieves its objectives through a combination of A (and), O (or), or T (terminal) nodes. By identifying the different attack scenarios and establishing a scoring framework to assess the likelihood of each adversarial objective, the risk of an attack can then be quantified. The method involves estimating the degree of cost and benefit for an attacker; in some instances, an adversary’s motivations are further approximated using capability or behavior-based mathematical models.
Cybersecurity for the Smart Grid
Published in Stuart Borlase, Smart Grids, 2018
The purpose of an attack tree is to define the possible attack vectors to reach a desired attack outcome. This is a common exercise performed to assess the vulnerability of a system under test. Once an attack tree has been built, an attacker looks at the vectors on the attack tree to determine the least effort required that results in an exploit. The effort to accomplish an attack is measured against the expenditures, such as cost of equipment or personnel. It also takes into account the need for specialized tools or knowledge. Finally, effort is measured against the time needed to carry out an attack. For each of the attack outcomes, there is a graphical attack tree. The root node represents the goal of the attacker. The tree lists possible ways to reach the goal. The nodes of the tree represent potential attacks. The children of the nodes represent refinements of the attack.
An adaptive defense mechanism to prevent advanced persistent threats
Published in Connection Science, 2021
Yi-xi Xie, Li-xin Ji, Ling-shu Li, Zehua Guo, Thar Baker
Risk assessment with limited detection information complies with the attack graph and attack tree models that are built to express the existence and trajectory of the attack (Poolsappasit et al., 2012). To show the sequential process of a cyber-attack, the Bayesian network is introduced to use the belief state, a probability distribution over the state at a given device, to suggest the risk degree, whereas it does not refer to how to calculate the attack probability. Meng et al. (2018) adopt a BAG to express safety threats and assess cyber facilities’ safety risk using the exploitability metric of the Common Vulnerability Scoring System (CVSS) (Schiffman, 2020). Vulnerability knowledge can also be acquired from the National Vulnerability Database (NVD). Considering the joint probability in the Bayesian probability graph model, the marginal distribution and the conditional distribution of the target variable based on observable variables can be inferred. Accurate reasoning algorithms (e.g. variable elimination) or approximate reasoning algorithms (e.g. Gibbs sampling) have been extensively adopted.
Overview and Recommendations for Cyber Risk Assessment in Nuclear Power Plants
Published in Nuclear Technology, 2023
An attack tree provides a structured means to assess the vulnerabilities that could lead to damage. The top node of the attack tree is the attack goal, and the other nodes are specific activities for the given leaf node. “AND” and “OR” gates are used to calculate the logic. It encourages defenders to consider all reasonable attack paths to facilitate optimal countermeasure deployment. In addition, it provides analysis of multiple layers of the system and identifies common attack paths.
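The AND/OR evaluation and least-effort reading described in the excerpts above, as an added example that is not taken from any of the cited works: it computes the cheapest leaf set that satisfies the root and shows how a countermeasure on one leaf moves that path. The tree, node names, cost units and the `harden` helper are constructed assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class Node:
    name: str
    gate: str = "LEAF"          # "AND", "OR" or "LEAF"
    cost: float = 0.0           # attacker effort estimate, leaves only
    children: list = field(default_factory=list)

def cheapest(node):
    """Return (cost, leaves) of the least-effort way to satisfy node."""
    if node.gate == "LEAF":
        return node.cost, [node.name]
    results = [cheapest(c) for c in node.children]
    if node.gate == "OR":       # any one child satisfies the parent
        return min(results, key=lambda r: r[0])
    if node.gate == "AND":      # every child is required
        return sum(r[0] for r in results), [n for r in results for n in r[1]]
    raise ValueError(f"unknown gate {node.gate!r}")

def harden(node, leaf_name, extra_cost):
    """Model a countermeasure by raising one leaf's cost (in place)."""
    if node.gate == "LEAF" and node.name == leaf_name:
        node.cost += extra_cost
    for c in node.children:
        harden(c, leaf_name, extra_cost)

def build_sample_tree():
    # Constructed tree and constructed cost units, for illustration only.
    return Node("read protected record", "OR", children=[
        Node("use stolen credential", "AND", children=[
            Node("obtain credential", cost=30),
            Node("bypass second factor", cost=80),
        ]),
        Node("abuse exposed service", "AND", children=[
            Node("reach internal network", cost=40),
            Node("exploit unpatched service", cost=20),
        ]),
        Node("insider copies record", cost=100),
    ])

if __name__ == "__main__":
    tree = build_sample_tree()
    print("before:", cheapest(tree))
    harden(tree, "exploit unpatched service", 70)   # e.g. patching
    print("after: ", cheapest(tree))
```

Re-running `cheapest` after each candidate countermeasure shows whether it raises the root cost or only shifts the least-effort path to a sibling branch.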