Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
156 tokens/sec
GPT-4o
7 tokens/sec
Gemini 2.5 Pro Pro
45 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
38 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Attack tree metrics are operad algebras (2401.10008v1)

Published 18 Jan 2024 in cs.CR and math.CT

Abstract: Attack Trees (ATs) are a widely used tool for security analysis. ATs can be employed in quantitative security analysis through metrics, which assign a security value to an AT. Many different AT metrics exist, and there exist multiple general definitions that aim to study a wide variety of AT metrics at once. However, these all have drawbacks: they do not capture all metrics, and they do not easily generalize to extensions of ATs. In this paper, we introduce a definition of AT metrics based on category theory, specifically operad algebras. This encompasses all previous definitions of AT metrics, and is easily generalized to extensions of ATs. Furthermore, we show that under easily expressed operad-theoretic conditions, existing metric calculation algorithms can be extended in considerable generality.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (30)
  1. John C Baez and Nina Otter “Operads and phylogenetic trees” Preprint In arXiv:1512.03337, 2015
  2. “Determining the probability of smart grid attacks by combining attack tree and attack graph analysis” In International Workshop on Smart Grid Security, 2014, pp. 30–47 Springer
  3. Andrea Bobbio, Lavinia Egidi and Roberta Terruggia “A methodology for qualitative/quantitative analysis of weighted attack trees” In IFAC Proceedings Volumes 46.22 Elsevier, 2013, pp. 133–138
  4. “Evil twins: handling repetitions in attack–defense trees” In International Workshop on Graphical Models for Security, 2017, pp. 17–37 Springer
  5. Tai-Danae Bradley “Entropy as a topological operad derivation” In Entropy 23.9 MDPI, 2021, pp. 1195
  6. Randal E. Bryant “Graph-based algorithms for boolean function manipulation” In Computers, IEEE Transactions on 100.8 IEEE, 1986, pp. 677–691
  7. Randal E. Bryant “Symbolic boolean manipulation with ordered binary-decision diagrams” In ACM Computing Surveys (CSUR) 24.3 ACM New York, NY, USA, 1992, pp. 293–318
  8. Carlos E Budde and Mariëlle Stoelinga “Efficient algorithms for quantitative attack tree analysis” In 2021 IEEE 34th Computer Security Foundations Symposium (CSF), 2021, pp. 1–15 IEEE
  9. Huiyu Dong, Hongwei Wang and Tao Tang “An attack tree-based approach for vulnerability assessment of communication-based train control systems” In 2017 Chinese Automation Congress (CAC), 2017, pp. 6407–6412 IEEE
  10. Martin Doubek, Branislav Jurco and Lada Peksova “Properads and Homotopy Algebras Related to Surfaces” In arXiv preprint arXiv:1708.01195, 2017
  11. “A linear-time algorithm to find modules of fault trees” In IEEE Transactions on Reliability 45.3 IEEE, 1996, pp. 422–425
  12. “Efficient attack-defense tree analysis using Pareto attribute domains” In 2019 IEEE 32nd Computer Security Foundations Symposium (CSF), 2019, pp. 200–20015 IEEE
  13. “Operads for complex system design specification, analysis and synthesis” In Proceedings of the Royal Society A 477.2250 The Royal Society Publishing, 2021, pp. 20210099
  14. “Attack trees with sequential conjunction” In IFIP International Information Security and Privacy Conference, 2015, pp. 339–353 Springer
  15. Parvaiz Ahmed Khand and Poong Hyun Seong “An attack model development process for the cyber security of safety related nuclear digital I&C systems” In Proceedings of the Korean Nucleary Society (KNS) Fall meeting, 2007
  16. “On quantitative analysis of attack–defense trees with repeated labels” In International Conference on Principles of Security and Trust, 2018, pp. 325–346 Springer
  17. “Foundations of attack–defense trees” In International Workshop on Formal Aspects in Security and Trust, 2010, pp. 80–95 Springer
  18. Rajesh Kumar, Enno Ruijters and Mariëlle Stoelinga “Quantitative attack tree analysis via priced timed automata” In International Conference on Formal Modeling and Analysis of Timed Systems, 2015, pp. 156–171 Springer
  19. Nikolaos Limnios “Fault trees” John Wiley & Sons, 2013
  20. Milan Lopuhaä-Zwakenberg, Carlos E. Budde and Mariëlle Stoelinga “Efficient and Generic Algorithms for Quantitative Attack Tree Analysis” In IEEE Transactions on Dependable and Secure Computing, 2022, pp. 1–18 DOI: 10.1109/TDSC.2022.3215752
  21. “Attack time analysis in dynamic attack trees via integer linear programming” In arXiv preprint arXiv:2111.05114, 2021
  22. Martin Markl, Steven Shnider and James D Stasheff “Operads in algebra, topology and physics” American Mathematical Society Providence, RI, 2002
  23. “Foundations of attack trees” In International Conference on Information Security and Cryptology, 2005, pp. 186–198 Springer
  24. “Time-to-compromise model for cyber risk reduction estimation” In Quality of protection Springer, 2006, pp. 49–64
  25. José Meseguer “General logics” In Studies in Logic and the Foundations of Mathematics 129 Elsevier, 1989, pp. 275–329
  26. Antoine Rauzy “New algorithms for fault trees analysis” In Reliability Engineering & System Safety 40.3 Elsevier, 1993, pp. 203–211
  27. “Exact and truncated computations of prime implicants of coherent and non-coherent fault trees within Aralia” In Reliability Engineering & System Safety 58.2 Elsevier, 1997, pp. 127–144
  28. Bruce Schneier “Attack trees” In Dr. Dobb’s journal 24.12, 1999, pp. 21–29
  29. Donald Yau “Colored operads” American Mathematical Society, 2016
  30. Donald Yau “Operads of wiring diagrams” Springer, 2018
Citations (1)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now