September 29, 2015Presentation: Automated Attack Tree Generation
Room: CarrĂ© 2KDavid Huistra

Attack Trees that model the possible attacks are used for qualitative and quantitative security analysis of systems and organizations. For larger systems/organizations, manually developing attack trees can become a labor intensive and error prone task.


This project looks into automatically generating attack trees given a model of the system/organization. The project looks into several steps including basic attack routes generation, attack tree refinement with domain specific attacks and refinement of basic attack steps with attributes, such as a probability of success.