Providing meaningful estimations for the quantitative annotations on the steps of complex multi-step attacks is hard, as they are jointly influenced by the infrastructure and attacker properties. The paper introduces attacker profiling as the concept of separation of the infrastructure properties from the properties of malicious agents undertaking strategic decisions in the considered environment. We show that attacker profiling may be integrated into existing quantitative security assessment tools without any significant performance penalty. As an example of such integration we introduce the new analysis tool named ApproxTree+ which is an extension of the existing ApproxTree tool, enhancing it by incorporating attacker profiling capabilities into it.
CITATION STYLE
Lenin, A., Willemson, J., & Sari, D. P. (2014). Attacker profiling in quantitative security assessment based on attack trees. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8788, pp. 199–212). Springer Verlag. https://doi.org/10.1007/978-3-319-11599-3_12
Mendeley helps you to discover research relevant for your work.