-
- Wojciech Wideł
- Univ Rennes, INSA Rennes, CNRS, IRISA, Rennes Cedex, France
-
- Maxime Audinot
- Univ Rennes, CNRS, IRISA, Rennes Cedex, France
-
- Barbara Fila
- Univ Rennes, INSA Rennes, CNRS, IRISA, Rennes, France
-
- Sophie Pinchinat
- Univ Rennes, CNRS, IRISA, Rennes Cedex, France
書誌事項
- タイトル別名
-
- Formal Methods for Attack Tree--based Security Modeling
説明
<jats:p>Attack trees are a well established and commonly used framework for security modeling. They provide a readable and structured representation of possible attacks against a system to protect. Their hierarchical structure reveals common features of the attacks and enables quantitative evaluation of security, thus highlighting the most severe vulnerabilities to focus on while implementing countermeasures. Since in real-life studies attack trees have a large number of nodes, their manual creation is a tedious and error-prone process, and their analysis is a computationally challenging task. During the last half decade, the attack tree community witnessed a growing interest in employing formal methods to deal with the aforementioned difficulties. We survey recent advances in graphical security modeling with focus on the application of formal methods to the interpretation, (semi-)automated creation, and quantitative analysis of attack trees and their extensions. We provide a unified description of existing frameworks, compare their features, and outline interesting open questions.</jats:p>
収録刊行物
-
- ACM Computing Surveys
-
ACM Computing Surveys 52 (4), 1-36, 2019-08-30
Association for Computing Machinery (ACM)
- Tweet
詳細情報 詳細情報について
-
- CRID
- 1360861292496375808
-
- DOI
- 10.1145/3331524
-
- ISSN
- 15577341
- 03600300
-
- データソース種別
-
- Crossref
