University of Twente Student Theses
Unveiling the hidden threats : An approach to solve the cost metric of an Attack Tree
Iperen, M.M.A.P. van (2024) Unveiling the hidden threats : An approach to solve the cost metric of an Attack Tree.
|
PDF
1MB |
| Abstract: | In light of the growing number of cyber threats targeting critical infrastructure, it is crucial to assess the security of systems. Attack trees offer a powerful visual frame- work for categorizing possible avenues of attack. By delving into attack tree metrics, such as minimum cost, potential vulnerabilities can be pinpointed and gauge the level of resources required for an attack. The aim is to investigate strategies for calculating the minimal cost metric of attack trees. The study is conducted using a self-created Python model for attack trees. In order to try different algorithms as a trial. Those algorithms are later formally proven. Thereby the existing bottom-up approach is analyzed and translated into a heuristic and two exact approaches are explored. For the latter, the concept of multi-parent nodes is defined to address the problem. In this paper, two results are presented. Firstly the limit of the bottom-up algorithm solution for AT is defined. An example is given to illustrate the worst-case. Addition- ally, two exact approaches are presented for keeping track of different sets of nodes, specifically the basic attack step (BAS) nodes or the multi-parent nodes. Additionally, it is proven that the latter is better because it allows us to keep track of less nodes. Furthermore, both result sets are reduced by only retaining the potential or obvious superior sets. The implications of this research are threefold. Firstly, this paper may be used for future research to generalize the limits of the bottom-up algorithm. Secondly, addi- tional enhancements to the exact approach are possible. Thirdly this can be used as a base to implement an algorithm to solve the security metric of an attack tree. |
| Item Type: | Essay (Bachelor) |
| Faculty: | EEMCS: Electrical Engineering, Mathematics and Computer Science |
| Subject: | 31 mathematics, 54 computer science |
| Programme: | Computer Science BSc (56964) |
| Link to this item: | https://purl.utwente.nl/essays/98386 |
| Export this item as: | BibTeX EndNote HTML Citation Reference Manager |
Show download statistics for this publication
Show download statistics for this publicationRepository Staff Only: item control page