Beyond 2014
-
- Wojciech Wideł
- Univ Rennes, INSA Rennes, CNRS, IRISA, Rennes Cedex, France
-
- Maxime Audinot
- Univ Rennes, CNRS, IRISA, Rennes Cedex, France
-
- Barbara Fila
- Univ Rennes, INSA Rennes, CNRS, IRISA, Rennes, France
-
- Sophie Pinchinat
- Univ Rennes, CNRS, IRISA, Rennes Cedex, France
Bibliographic Information
- Other Title
-
- Formal Methods for Attack Tree--based Security Modeling
Description
<jats:p>Attack trees are a well established and commonly used framework for security modeling. They provide a readable and structured representation of possible attacks against a system to protect. Their hierarchical structure reveals common features of the attacks and enables quantitative evaluation of security, thus highlighting the most severe vulnerabilities to focus on while implementing countermeasures. Since in real-life studies attack trees have a large number of nodes, their manual creation is a tedious and error-prone process, and their analysis is a computationally challenging task. During the last half decade, the attack tree community witnessed a growing interest in employing formal methods to deal with the aforementioned difficulties. We survey recent advances in graphical security modeling with focus on the application of formal methods to the interpretation, (semi-)automated creation, and quantitative analysis of attack trees and their extensions. We provide a unified description of existing frameworks, compare their features, and outline interesting open questions.</jats:p>
Journal
-
- ACM Computing Surveys
-
ACM Computing Surveys 52 (4), 1-36, 2019-08-30
Association for Computing Machinery (ACM)
- Tweet
Details 詳細情報について
-
- CRID
- 1360861292496375808
-
- DOI
- 10.1145/3331524
-
- ISSN
- 15577341
- 03600300
-
- Data Source
-
- Crossref