By Topic

System level security modeling using attack trees

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
Parvaiz Ahmed Khand ; Department of Nuclear and Quantum Engineering, Korea Advanced Institute of Science and Technology (KAIST), 371-1, Guseong-dong, Yuseong-gu, Daejeon, 305-701, Republic of Korea

Vulnerabilities in intrusion tolerant systems have dependence on various dynamic aspects such as redundant mechanisms, fault and error recovery mechanisms, and different operation modes. The conventional nodes of attack trees cannot adequately capture the attacks towards those systems, thus constructing security models for the systems is very difficult. This paper introduces new nodes to model the security of those systems. The nodes include: PAND node, k/n node, SEQ node, CSUB node, and Housing node. We provide the syntax and graphical representation for each node. The nodes allow us to model attacks that require exploitation of vulnerabilities which have dependence on ordering events, sequence-dependant events, conditional failures and mechanisms which involve configuration changes with time. We use the nodes to construct attack trees for different security related systems.

Published in:

Computer, Control and Communication, 2009. IC4 2009. 2nd International Conference on

Date of Conference:

17-18 Feb. 2009