|title:||Faster analysis of attack trees|
|topics:||Dependability, security and performance|
Carlos Esteban Budde
Attack trees are a graphical and intuitive formalism to express how vulnerabilities can be exploited by an attacker to achieve a successful system attack. A number of interesting measures can be computed for an attack, such as the time, cost, or probability of an attack.
The current analysis technique to compute these measures in Twente is to translate the attack tree to a timed automaton, and use the UPPAAL tool and its extensions to analyse the resulting model.
The goal of this project is to look for faster ways to compute some or all of these measures. Examples of such ways could be the conversion of an attack tree to linear programs, or rewriting attack trees into equivalent but easier-to-analyse trees.