Premium Essay

Attack Countermeasure Trees (Act): Towards Unifying the Constructs of Attack and Defense Trees

In: Computers and Technology

Submitted By sidhurox
Words 8828
Pages 36
SECURITY AND COMMUNICATION NETWORKS
Security Comm. Networks (2011)
Published online in Wiley Online Library (wileyonlinelibrary.com). DOI: 10.1002/sec.299

SPECIAL ISSUE PAPER

Attack Countermeasure Trees (ACT): towards unifying the constructs of attack and defense trees
Arpan Roy* , Dong Seong Kim and Kishor S. Trivedi
Department of Electrical & Computer Engineering, Duke University, Durham, NC 27708, U.S.A.

ABSTRACT
Attack tree (AT) is one of the widely used non-state-space models for security analysis. The basic formalism of AT does not take into account defense mechanisms. Defense trees (DTs) have been developed to investigate the effect of defense mechanisms using measures such as attack cost, security investment cost, return on attack (ROA), and return on investment
(ROI). DT, however, places defense mechanisms only at the leaf nodes and the corresponding ROI/ROA analysis does not incorporate the probabilities of attack. In attack response tree (ART), attack and response are both captured but ART suffers from the problem of state-space explosion, since solution of ART is obtained by means of a state-space model. In this paper, we present a novel attack tree paradigm called attack countermeasure tree (ACT) which avoids the generation and solution of a state-space model and takes into account attacks as well as countermeasures (in the form of detection and mitigation events). In ACT, detection and mitigation are allowed not just at the leaf node but also at the intermediate nodes while at the same time the state-space explosion problem is avoided in its analysis. We study the consequences of incorporating countermeasures in the ACT using three case studies (ACT for BGP attack, ACT for a SCADA attack and
ACT for malicious insider attacks). Copyright © 2011 John Wiley & Sons, Ltd.
KEYWORDS
attack trees; non-state-space model; mincuts;…...

Similar Documents

Free Essay

The Bean Trees

...reasons: to escape, to seek a new way of life, to find adventure, to find love, to discover oneself or to simply keep moving. In the novel The Bean Trees by Barabara Kingsolver, Taylor the main character sets off on a journey for all these reasons. On her journey to self-discovery Taylor Greer manages to overcome her weaknesses The beans that are continually revealed throughout the novel represent Taylor’s life. The earliest mention of the beans took place when Taylor takes a close look at the reality of her life. “I had never done anything more interesting for a living than… picking bugs off somebody’s bean vines for a penny a piece.” (Pg 4) The beans so far are a symbol of Taylor’s weaknesses, as she and the beans are both of poor quality. Gradually, the beans are becoming of some significance in the novel, since they are truly beginning to echo Taylor’s life. Just as the beans did, Taylor begun her life without a great deal of impact on anyone, only to come plowing up and impact people where they did not expect it. At the end of the novel, the reader again encounters the beans for the last time. Although this time, the reader captures the complete significance of the beans. The beans, symbolism reflects Taylor’s development throughout her life perfectly. Taylor grew in poor soil and without the influence of the people, whom act like rhizobia that she encounters, she would have never been able to fight her weaknesses and realize her strengths. Taylor grows to become......

Words: 1032 - Pages: 5

Premium Essay

Decision Trees

...Decision trees http://www.alchemyformanagers.co.uk/topics/4qpj5es2SiaJVVXn.html Decision trees A decision tree is a visual tool for analysing decisions. In using it, you generate a tree-like graph of decisions and their consequences. In the simplest form of this technique Squares represent decisions Triangles represent end points. Jewish proverb When the graph is completed, you can then add probabilities for each of the individual branches and from the overall probabilities of the end points. If there are two courses of action, you should take the third. Using the technique As a simple example, let’s suppose that I decide that I want to travel from my home to a hotel in town A. So let’s draw the options in a decision tree: We can now add some percentages to reflect either our preferences or an estimate of some factor that we would like to consider (for example cost, estimated likelihood and so on). In this case, I will use personal preferences: I am assuming here that the train station is close to my home. For ‘walk’ I have added 0 per cent because it is a long distance to town A. The bus takes a long time, but it is quite cheap, so I have given it ten per cent. Notice that I have also added end points to ‘walk’ and ‘drive’ as they both get me to my destination. ‘Train’ and ‘bus’ however do not get me to my final destination, so I now extend my decision tree by adding more decision points, options and estimates: We can now see what the final end point......

Words: 720 - Pages: 3

Free Essay

Trees

...Read this essay on the Importance of Trees ! Plants are very important for us. They provide us fresh fruits, wood, natural herbs and many things of professional value. They are home to numerous wildlife, bugs and creatures. They provide colour to men and creatures. They prevent famine and cause rain fall. They help in verifying polluting the environment. They provide us fresh air to take in and play essential role in the process of CO2. So, we should increase forestation. Wood is the most effective product that trees provide us with. We use wooden often. Wood is used as petrol and wood. Wood is used to make furnishings. Wood is also used to lay the paths of the railways. Plants are excellent sources of therapeutic natural herbs, ribbons and raw materials for many sectors. We get resins, organic gum area, etc. from the trees. The bamboo sheets bedding is an essential wide range of shrub which develops in large quantity. It is of excellent professional value. It is found everywhere. It is used as building content to make short-term shed. It is an essential resource of protection for the poor and financially sluggish individuals. Bamboo is used to make pads, barrier, bag and various products of the crafts. Bamboo is used as raw content to make paper. Cane is another wide range of shrub which is used in many things. Mats, rules and furnishings are created from the cane. Furniture created of cane is highly creative, wonderful and costly. Lac is one of the most......

Words: 456 - Pages: 2

Premium Essay

Saving Trees

...Importance of trees Trees are really important in a human being’s life. Without them we, humans, can’t live. Although trees are important, they aren’t cared about and are used unwisely. Trees need to be saved and people should stop wasting paper and such so that we can save as much trees as we can. Trees have a lot of benefits which we should appreciate and care about. Starting off, trees provide the oxygen that we breathe. Without that oxygen, we won’t be able to live. If trees are the ones keeping us alive, shouldn’t we be thankful and help save them? Trees produce a lot of oxygen to keep us alive. “In one year an acre of mature trees can provide enough oxygen for 18 people” (TreePeople). This means that in one year, a bunch of fully developed trees can produce enough oxygen to keep 18 people alive. Trees help us live, so we should help them too. Second, tees help moderate the earth’s temperature. The shade from trees helps cool the earth’s temperature. (eco kids). Without the shades from the trees the earth would be a burning hell. It would be too hot to go outside. Those shades help maintain the temperature and cool it down. The trees do that by absorbing heat, and producing shade. This, again, is another reason we should be thankful to trees. Last but not least, trees provide us with an enormous amount of food that we need to survive. They provide us with food directly and indirectly. Directly, is when we eat fruits or vegetables. We get the fruits from the tree...

Words: 538 - Pages: 3

Premium Essay

The Importance of Trees

...Internet that said, “Imagine if trees gave off Wi-Fi signals, we would be planting so many trees and we’d probably save the planet too. Too bad they only produce the oxygen we breathe.” It’s sad how true that statement is, we value access to the Internet more than we value the air we breathe every day. Trees are the one thing that help us survive and people view them as trivial objects more and more each day, underestimating the fact that our destruction of them could lead to a destruction of us. The leaves of trees can come in all different shapes and sizes. They form in bunches and give a sense of hair to the tree, adding a way to differentiate one tree from another. With the leaves, trees give us beauty. There’s not a prettier sight than mid-October, when all the tree’s leaves have changed colors and everywhere you turn there are different types of reds, oranges, yellows and more. The foliage is just one of the many reasons why trees are important, they give us natural beauty. They could be described as a painting in nature just without using brushes, paint or canvases. Tree’s trunks come in all different sizes, some thicker than others, giving protection in a way, to us humans and to animals. Since most trunks are big, hunters usually hide in between them when they’re looking for potential game. They wear camouflage to blend in with the trees, usually in patterns of different types of greens, browns and light mustard yellows. Speaking of game, trees also are the home......

Words: 980 - Pages: 4

Free Essay

Trees

...Trees Most trees around the world are located in the Russian taiga. It is only fitting since Russia is the largest country by far, although lots of trees around the world are being cut down at an alarming rate so it wouldn't be surprising to see the tree population of Russia go down. Trees are a renewable resource- by the planting of more trees even though it takes a few years for trees to get big we still have plenty of them around. Wood is made of tiny fibers called cellulose and the natural glue that holds them together is called lignin. When wood is turned into paper, heat and chemicals dissolve the lignin and the cellulose fibers come out. Byproducts of this process are used in asphalt, paint, chewing gum, detergents and turpentine. Cellulose is used for more than just paper. It is used for dinnerware including melamine in it, toilet seats, tool handles and cellophane. You can also use it to produce helmets, toothbrushes and electrical outlets. Some other you can make from it is nail polish, rocket fuel and industrial explosives. Wood pulping by-products are used for lots of weird things like cleaning stuff, deodorants, hair spray, and even fake vanilla flavorings! We obtain all the wood by cutting down trees with machines, chainsaws, and sometimes axes! Deforestation is the clearing Earth's forests in a big way, often resulting in damage to the quality of the land. Deforestation has many negative effects on the environment. The biggest impact is a loss of habitat for...

Words: 507 - Pages: 3

Premium Essay

The Trees

...and bamboos are also trees. Trees tend to be long-lived, some reaching several thousand years old. The tallest known tree, a coast redwood named Hyperion, stands 115.6 m (379 ft) high. Trees have been in existence on the Earth for 370 million years. Trees are not a taxonomic group but include a variety of plant species that have independently evolved a woody trunk and branches as a way to tower above other plants to compete for sunlight. A tree typically has many secondary branches supported clear of the ground by the trunk. This trunk typically contains woody tissue for strength, and vascular tissue to carry materials from one part of the tree to another. For most trees it is surrounded by a layer of bark which serves as a protective barrier. Below the ground, the roots branch and spread out widely; they serve to anchor the tree and extract moisture and nutrients from the soil. Above ground, the branches divide into smaller branches and shoots. The shoots typically bear leaves, which capture light energy and convert it into sugars by photosynthesis, providing the food for the tree's growth and development. Flowers and fruit may also be present, but some trees, such as conifers, instead have pollen cones and seed cones; others, such as tree ferns, produce spores instead. Trees play a significant role in reducing erosion and moderating the climate. They remove carbon dioxide from the atmosphere and store large quantities of carbon in their tissues. Trees and forests......

Words: 402 - Pages: 2

Free Essay

Attack Methodology and Countermeasures

...Attack Methodology and Countermeasures Strayer University SEC420 Professor Gillen July 24, 2015 Attack Methodology and Countermeasures When most people hear the term “hacker” they think of an evil person committing crimes by hacking into their computers to steal, destroy and/or steal identities. This is so in some cases, but not all hackers are bad. Hackers are merely curious technically skilled individuals who gain unauthorized access to computers, networks of various companies, organizations and individuals. Good hackers are considered white hat hackers. They are the ones, who are hired to break into systems as a way of testing the vulnerabilities and security issues that may be present in the computer system. Consider this: company XYZ, a mid-sized corporation, is in the middle of satisfying their regulatory compliance needs.  The manager of security at the company has been tasked by the CIO (Chief Information Officer) to report on the company’s current security posture. If the manager decided to outsource an ethical or white hat hacker in attempt to test their security measures. Over the course of this document various things the third party hacker would need from the company, things he or she would provide to the company and some predictions for the tests. In order to exploit the targeted systems the initial steps to gain as much information as possible about the targets. In this case, the manager is the contact in which questions may be posed. The hacker......

Words: 1432 - Pages: 6

Free Essay

Trees

...Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay Trees Essay......

Words: 1536 - Pages: 7

Free Essay

Christmas Trees

...Christmas Trees Christmas trees are an icon around this time of year. It doesn’t fail while driving down the road and there’s a car with a tree strapped on the hood. Christmas trees come in a variety of different shapes, size, and color and yes smell. Before starting a Christmas tree farm, one must figure out what type of trees they want to have, or what variety they want. The most common types of trees that would be found in a person’s tree stand would be Douglas fir, Fraser Fir, Noble Fir, Scotch pine, Eastern White Pine, Virginia Pine, Grand Fir, and Eastern Red Cedar. Douglas fir have soft needles with a dark green in color. The needles can reach to an inch in half. The needles have a sweet fragrance when crushed, most common Christmas tress species. The Fraser Fir have branches that face up, with an excellent scent as well. They have a blue-green color. These trees are easy for shipping. Noble Fir are known for their beauty. They have strong branches to hang ornaments, and are used well for wreaths and garland. Scotch pine have needles that are an inch in length and have a bright green color. The needles will not fall off the tree when dry. It is also a common tree because of the freshness it keeps through the holidays. Eastern White Pine have soft green needles. It has a strong scent, and produces decorative pine cones. Virginia Pine is the most unusual as it can tolerate warmer winter temperatures. The tree is smaller than the other varieties, and is more common......

Words: 1373 - Pages: 6

Free Essay

Attacks

...which sign up with cloud-based storage solutions like Google Drive, Dropbox, OneDrive and many more. On detecting the endpoint, ransomware will exploit the stored personal credentials of the logged-in user and will even infect the cloud storage that is backed up. McAfee has warned that ransomware attackers will try out as many ways possible to shell out ransom payments from their victims. Degree of damage The most advanced and most damaging ransomware in the wild at the moment, specifically targeting U.S. businesses and individuals. It's a $70 million per year criminal enterprise. Its magnitude is now confirmed by law enforcement. Some quick math shows $18,145 in costs per victim, caused by network mitigation, network countermeasures, loss of productivity, legal fees, IT services, and/or the purchase of credit monitoring services for employees or customers. As you can see, the total costs of a ransomware infection goes well above just the ransom fee itself, which is usually around $500 but can go up to $10,000. What it attacked Ransomware is a type of malware that infects a computer and restricts a user’s access to the infected computer. This type of malware, which has now been observed for several years, attempts to extort money from victims by displaying an on-screen alert. These alerts often state that their computer has been locked or that all of their files have been encrypted, and demand that a ransom is paid to restore access. This ransom is......

Words: 2057 - Pages: 9

Free Essay

Trees

...cost which makes the production unprofitable 4. High energy cost because of the machines that will produce fiber 5. Continuous cutting of trees which is the major source in producing paper Opportunities of the industry 1. Growth of paper in local consumption because of population growth 2. Cheap price compare to other competing product 3. More cities are complying to total plastic ban in the Philippines which means mostly paper will serve as carrier bag 4. Paper is one of the fastest way used to give information 5. Most paper serves as food container because of its safe composition Threats of the industry 1. There environmental requirements are getting more stringent 2. Increasing competition in other competing materials 3. Innovation of materials in other industry happened while paper retained its traditional uses throughout decades 4. Paper quality is weak that it cannot hold heavy materials 5. The sources of raw material are only limited and may take time to produce Alternative Courses of Action 1. Create own source of wood pulp (through industrial plantation and recycled papers) Advantages * Environmental friendly * Improve country’s wastepaper recovery and recycling rate * Low cost in long term benefits Disadvantages * It takes time to wait for trees to be used in production (5-7 years) * Reforestation would be costly * Costly because another large area of plantation will be needed......

Words: 539 - Pages: 3

Premium Essay

Defense Attacks

...The Department of Defense (DoD) manages one of the largest and most targeted networks, up to 250,000 attacks per day. (Daniel Gouré, 2015) As a member of this organization, I see the low level applications set forth by the strategic minds of the DoD Chief Information Officer and Secretary of Defense. As the organization that laid the foundation for the internet, the DoD has evolved over the years reacting to the vulnerabilities and threats to their vast information systems. Past breaches have illustrated how vulnerable the networks are, and we can look at history to see the development of the defense networks and security. The DoD made a large impact across the computer security field with their security handbook called the “Orange Book”. The official name for the Orange Book is “DoD 5200.28-STD, Department of Defense Trusted Computer System Evaluation Criteria”, which was first written in 1983 and further updated in 1985. (Department of Defense, 1985) It is the computer system criteria book within a series of security related guides and directives called the “Rainbow Series,” which are the numerous standards and guidelines published by the Department of Defense. The document laid the foundation for the communication between the developers and the customers. The model was based on systems meeting six security requirements: security policy, marking of objects, identification of subjects, accountability, assurance, and continuous protection. After evaluation, the system is......

Words: 2282 - Pages: 10

Premium Essay

How to Survive a Nuclear Attack

...Third printing September 1990 ISBN 0-942487-01-X Library of Congress Catalogue Card Number 87-60790 CRESSON H. KEARNY Civil Defense Consultant, Retired A LETTER TO THE AMERICAN PEOPLE FROM CRESSON KEARNY, INVENTOR OF THE KFM Dear Reader, At the time I developed the Kearny Fallout Meter with help from U.S. Department of Energy scientists and engineers, we did not address the issue of nuclear terrorism. We were so concerned back then in the 1970's with the danger of all-out nuclear war that we neglected to instruct users of the KFM of its advantages in a terrorist attack with few and smaller nuclear weapons. Fear of life-threatening fallout from massive Soviet attacks carried over to exaggerated fears of all radiation, including that from terrorists' few weapons. In Oak Ridge National Laboratory publications to be read by the public we did not even mention hormesis, for to have done so at that time probably would have prevented my most influential book, "Nuclear War Survival Skills," from being purchased and used by government agencies to instruct civil defense professionals. When Hitler first bombed London the panic the bombs caused did far more damage than the bombs themselves. After the citizens of London lost their exaggerated fears of the bombings, life went on much as normal. And so it would be with a nuclear terrorist attack on the U.S. One nuclear bomb exploded in a U.S. city would likely be very small. And though it could do catastrophic......

Words: 39667 - Pages: 159

Premium Essay

Attack

...Attack Prevention Trent Lucas CMGT/441 February 27th, 2012 Jude Bowman Attack Prevention Preventing unauthorized access to an organization’s network and resources requires a comprehensible defensive strategy, which includes effective technological tools, and user awareness (“Attack Prevention”, 2012). Often, information technology staff members purchase software and hardware solutions for preventing attacks against network and resources; however, it results in an increasing budget, additional training, additional solutions, new attack vectors or vulnerabilities, and trade off solutions. To manage risks effectively, a staff must first identify network/resources vulnerabilities by conducting a risk analysis. Second, he or she must research a variety of technologies and tools comparing them against the current network risks for preventing and managing access. Some common technologies and tools include: - Firewalls, Intrusion Prevention Systems (IPS,) content security, software updates, and hardening operating systems and applications. Network and Resources Security Risks determine the types of technologies and tools needed for protecting an organization’s network, resources, and assets. Additionally, firewalls, and anti-virus programs protect a network to a certain extent against traffic control and malware. However, advancement in technology paved new ways for hackers, and hackers almost always find vulnerabilities to exploit assets. Throughout this paper, the topic...

Words: 1082 - Pages: 5