A formal method for attack modelling and detection

Camtepe, Seyit Ahmet & Yener, Bulent (2006) A formal method for attack modelling and detection. Rensselaer Polytechnic Institute, New York.


Abstract

This paper presents a formal methodology for attack modeling and detection for networks. Our approach has three phases.

First, we extend the basic attack tree approach [1] to capture (i) the temporal dependencies between components, and (ii) the expiration of an attack.

Second, using the enhanced attack trees (EAT), we build a tree automaton that accepts a sequence of actions from the input stream if there is a traversal of an attack tree from the leaves to the root node.

Finally, we show how to construct an enhanced parallel automaton (EPA) that has each tree automaton as a subroutine and can process the input stream by considering multiple trees simultaneously. As a case study, we show how to represent the attacks in IEEE 802.11 and construct an EPA for it.


ID Code: 58479
Item Type: Report
Refereed: No
Keywords: attack modelling, attack trees, formal methods
Subjects: Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > COMPUTER SOFTWARE (080300) > Computer System Security (080303)
Divisions: Current > Schools > School of Electrical Engineering & Computer Science
Past > Institutes > Information Security Institute
Current > QUT Faculties and Divisions > Science & Engineering Faculty
Deposited On: 20 Mar 2013 03:41
Last Modified: 22 Mar 2013 04:45
