Events

e400
September 29, 2015Presentation: Automated Attack Tree Generation
Room: CarrĂ© 2KDavid Huistra
12:30-13:30

Attack Trees that model the possible attacks are used for qualitative and quantitative security analysis of systems and organizations. For larger systems/organizations, manually developing attack trees can become a labor intensive and error prone task.

 

This project looks into automatically generating attack trees given a model of the system/organization. The project looks into several steps including basic attack routes generation, attack tree refinement with domain specific attacks and refinement of basic attack steps with attributes, such as a probability of success.