elib
DLR-Header
DLR-Logo -> http://www.dlr.de
DLR Portal Home | Imprint | Privacy Policy | Accessibility | Contact | Deutsch
Fontsize: [-] Text [+]
Tell a friend Print

Streamlining Attack Tree Generation: A Fragment-Based Approach

Pekaric, Irdin and Frick, Markus and Adigun, Jubril Gbolahan and Groner, Raffaela and Witte, Thomas and Raschke, Alexander and Felderer, Michael and Tichy, Matthias (2024) Streamlining Attack Tree Generation: A Fragment-Based Approach. In: 57th Annual Hawaii International Conference on System Sciences, HICSS 2024, pp. 7447-7456. HICSS 2024, 2024-01-03, Hawaii. ISBN 978-099813317-1. ISSN 1530-1605.

[img] PDF
285kB

Official URL: https://hdl.handle.net/10125/107280

Abstract

Attack graphs are a tool for analyzing security vulnerabilities that capture different and prospective attacks on a system. As a threat modeling tool, it shows possible paths that an attacker can exploit to achieve a particular goal. However, due to the large number of vulnerabilities that are published on a daily basis, they have the potential to rapidly expand in size, necessitating a significant amount of resources to generate. In addition, generating composited attack models for complex systems such as self-adaptive or AI is very difficult due to their nature to continuously change. In this paper, we present a novel fragment-based attack graph generation approach that utilizes information from publicly available information security databases. Furthermore, we also propose a domain-specific language for attack modeling, which we employ in the proposed attack graph generation approach. Finally, we present a demonstrator example showcasing the attack generator's capability to replicate a verified attack chain, as previously confirmed by security experts.

Item URL in elib:https://elib.dlr.de/211379/
Document Type:Conference or Workshop Item (Speech)
Title:Streamlining Attack Tree Generation: A Fragment-Based Approach
Authors:
AuthorsInstitution or Email of AuthorsAuthor's ORCID iDORCID Put Code
Pekaric, IrdinUNSPECIFIEDUNSPECIFIEDUNSPECIFIED
Frick, MarkusUNSPECIFIEDUNSPECIFIEDUNSPECIFIED
Adigun, Jubril GbolahanUNSPECIFIEDUNSPECIFIEDUNSPECIFIED
Groner, RaffaelaUNSPECIFIEDUNSPECIFIEDUNSPECIFIED
Witte, ThomasUNSPECIFIEDUNSPECIFIEDUNSPECIFIED
Raschke, AlexanderUNSPECIFIEDUNSPECIFIEDUNSPECIFIED
Felderer, MichaelUNSPECIFIEDhttps://orcid.org/0000-0003-3818-4442175413601
Tichy, MatthiasUNSPECIFIEDUNSPECIFIEDUNSPECIFIED
Date:2024
Journal or Publication Title:57th Annual Hawaii International Conference on System Sciences, HICSS 2024
Refereed publication:Yes
Open Access:Yes
Gold Open Access:No
In SCOPUS:Yes
In ISI Web of Science:No
Page Range:pp. 7447-7456
ISSN:1530-1605
ISBN:978-099813317-1
Status:Published
Keywords:Cybersecurity and Software Assurance, attack chains, attack modeling, attack trees, dsl
Event Title:HICSS 2024
Event Location:Hawaii
Event Type:international Conference
Event Date:3 January 2024
HGF - Research field:Aeronautics, Space and Transport
HGF - Program:Space
HGF - Program Themes:Space System Technology
DLR - Research area:Raumfahrt
DLR - Program:R SY - Space System Technology
DLR - Research theme (Project):R - Digital Transformation in Space [SY]
Location: Köln-Porz
Institutes and Institutions:Institute of Software Technology
Deposited By: Felderer, Michael
Deposited On:10 Jan 2025 11:58
Last Modified:10 Jan 2025 11:58

Repository Staff Only: item control page
Browse
Search
Help & Contact
Information
OpenAIRE Validator logo electronic library is running on EPrints 3.3.12
Website and database design: Copyright © German Aerospace Center (DLR). All rights reserved.