Automated generation of attack trees by unfolding graph transformation systems

Huistra, D.J. (2016) Automated generation of attack trees by unfolding graph transformation systems.

Abstract: Analysis of an organization's security and the threats it faces is nowadays often done using attack trees that describe all possible threats facing a system or organization. A big challenge lies in obtaining these attack trees. Manually constructing them is tedious and error-prone work. Therefore, this project focuses on generating attack trees automatically from a given model that describes a system or organization. It improves upon previous efforts by providing an approach to identify all possible attacks from a given model in a more scalable manner, compared to the previous approach of constructing an attack graph, while remaining (security-)domain independent. This work demonstrates that this new approach, based on partial-order reduction, can have significant scalability benefits compared to the existing generic approach. In addition, it is shown that the graph transformations modeling paradigm can be used as a generic input language for describing systems and organizations, and using graph transformations gives the benefit of reusing existing efforts and implementations. Specifically, a partial-order technique called the unfolding of a graph transformation system is used as the basis of the approach, and GROOVE, a tool for constructing and analyzing graph transformation systems, is used as the basis of the implementation.
Item Type: Essay (Master)
Faculty: EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject: 54 computer science
Programme: Computer Science MSc (60300)
