Probabilistic reasoning with graphical security models
作者: Barbara Kordy , Marc Pouly , Patrick Schweitzer
DOI: 10.1016/J.INS.2016.01.010
关键词: Semiring 、 Bayesian network 、 Probabilistic analysis of algorithms 、 Artificial intelligence 、 Machine learning 、 Attack patterns 、 Theoretical computer science 、 Bayesian probability 、 Computer security model 、 Inference 、 Mathematics 、 Probabilistic logic
摘要: We develop a framework for probabilistic analysis of security scenarios with dependencies.We combine the model attack-defense trees (ADTrees) Bayesian networks.We prove that propositionally equivalent ADTrees yield same probability value.We compare our computational method standard bottom-up algorithm ADTrees.We use semiring theory to improve efficiency computations. This work provides meaningful evaluation involving dependent actions. graphical modeling technique information expressed in terms networks. In order computations on trees, we make inference algorithms and encoding techniques from constraint reasoning. The proposed approach is illustrated running example are automated help suitable software tools. show routines developed this paper form conservative generalization tree formalism defined previously. discuss algebraic underlying point out several generalizations which possible thanks theory. Finally, results apply directly industrially recognized attack trees.
narcis.nl
utwente.nl参考文章(39)
Catherine Meadows, R Wright, P Neumann, A representation of protocol attacks for risk assessment. Network Threats. pp. 1- 10 ,(1996)
Juerg Kohlas, Marc Pouly, Generic Inference: A Unifying Theory for Automated Reasoning ,(2011)
仁 大西, Pearl, J. (1988, second printing 1991). Probabilistic Reasoning in Intelligent Systems: Networks of Plausible Inference. Morgan-Kaufmann. Cognitive Studies: Bulletin of the Japanese Cognitive Science Society. ,vol. 1, ,(1994) , 10.11225/JCSS.1.2_100
Barbara Kordy, Sjouke Mauw, Patrick Schweitzer, Quantitative questions on attack: defense trees international conference on information security and cryptology. pp. 49- 64 ,(2012) , 10.1007/978-3-642-37682-5_5
Lingyu Wang, Tania Islam, Tao Long, Anoop Singhal, Sushil Jajodia, An Attack Graph-Based Probabilistic Security Metric Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security. ,vol. 5094, pp. 283- 296 ,(2008) , 10.1007/978-3-540-70567-3_22
Barbara Kordy, Sjouke Mauw, Saša Radomirović, Patrick Schweitzer, Foundations of Attack–Defense Trees Lecture Notes in Computer Science. ,vol. 6561, pp. 80- 95 ,(2011) , 10.1007/978-3-642-19751-2_6
Barbara Kordy, Marc Pouly, Patrick Schweitzer, A Probabilistic Framework for Security Scenarios with Dependent Actions integrated formal methods. pp. 256- 271 ,(2014) , 10.1007/978-3-319-10181-1_16
Xinzhou Qin, Wenke Lee, Attack plan recognition and prediction using causal networks annual computer security applications conference. pp. 370- 379 ,(2004) , 10.1109/CSAC.2004.7
Barbara Kordy, Marc Pouly, Patrick Schweitzer, Computational aspects of attack---defense trees international workshop on security. pp. 103- 116 ,(2011) , 10.1007/978-3-642-25261-7_8
Prakash P. Shenoy, Valuation-based systems: a framework for managing uncertainty in expert systems Fuzzy logic for the management of uncertainty. pp. 83- 104 ,(1992)