Guardado en:
Detalles Bibliográficos
Autores principales: Dorfhuber, Florian, Eisentraut, Julia, Klioba, Katharina, Kretinsky, Jan
Formato: Preprint
Publicado: 2024
Materias:
Acceso en línea:https://arxiv.org/abs/2406.15605
Etiquetas: Agregar Etiqueta
Sin Etiquetas, Sea el primero en etiquetar este registro!
_version_ 1866914951539458048
author Dorfhuber, Florian
Eisentraut, Julia
Klioba, Katharina
Kretinsky, Jan
author_facet Dorfhuber, Florian
Eisentraut, Julia
Klioba, Katharina
Kretinsky, Jan
contents Ranking risks and countermeasures is one of the foremost goals of quantitative security analysis. One of the popular frameworks, used also in industrial practice, for this task are attack-defense trees. Standard quantitative analyses available for attack-defense trees can distinguish likely from unlikely vulnerabilities. We provide a tool that allows for easy synthesis and analysis of those models, also featuring probabilities, costs and time. Furthermore, it provides a variety of interfaces to existing model checkers and analysis tools. Unfortunately, currently available tools rely on precise quantitative inputs (probabilities, timing, or costs of attacks), which are rarely available. Instead, only statistical, imprecise information is typically available, leaving us with probably approximately correct (PAC) estimates of the real quantities. As a part of our tool, we extend the standard analysis techniques so they can handle the PAC input and yield rigorous bounds on the imprecision and uncertainty of the final result of the analysis.
format Preprint
id arxiv_https___arxiv_org_abs_2406_15605
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle QuADTool: Attack-Defense-Tree Synthesis, Analysis and Bridge to Verification
Dorfhuber, Florian
Eisentraut, Julia
Klioba, Katharina
Kretinsky, Jan
Cryptography and Security
Ranking risks and countermeasures is one of the foremost goals of quantitative security analysis. One of the popular frameworks, used also in industrial practice, for this task are attack-defense trees. Standard quantitative analyses available for attack-defense trees can distinguish likely from unlikely vulnerabilities. We provide a tool that allows for easy synthesis and analysis of those models, also featuring probabilities, costs and time. Furthermore, it provides a variety of interfaces to existing model checkers and analysis tools. Unfortunately, currently available tools rely on precise quantitative inputs (probabilities, timing, or costs of attacks), which are rarely available. Instead, only statistical, imprecise information is typically available, leaving us with probably approximately correct (PAC) estimates of the real quantities. As a part of our tool, we extend the standard analysis techniques so they can handle the PAC input and yield rigorous bounds on the imprecision and uncertainty of the final result of the analysis.
title QuADTool: Attack-Defense-Tree Synthesis, Analysis and Bridge to Verification
topic Cryptography and Security
url https://arxiv.org/abs/2406.15605