Learning Attack Trees by Genetic Algorithms

D 2023

Learning Attack Trees by Genetic Algorithms

DORFHUBER, Florian Sebastian, Julia EISENTRAUT and Jan KŘETÍNSKÝ

Basic information

Original name

Learning Attack Trees by Genetic Algorithms

Authors

DORFHUBER, Florian Sebastian (276 Germany, belonging to the institution), Julia EISENTRAUT (276 Germany) and Jan KŘETÍNSKÝ (203 Czech Republic, belonging to the institution)

Edition

Lima, Theoretical Aspects of Computing – ICTAC 2023, p. 55-73, 19 pp. 2023

Publisher

Springer

Other information

Language

English

Type of outcome

Stať ve sborníku

Field of Study

10201 Computer sciences, information science, bioinformatics

Country of publisher

Germany

Confidentiality degree

není předmětem státního či obchodního tajemství

Publication form

electronic version available online

Impact factor

Impact factor: 0.402 in 2005

RIV identification code

RIV/00216224:14330/23:00133581

Organization unit

Faculty of Informatics

ISBN

978-3-031-47962-5

ISSN

DOI

http://dx.doi.org/10.1007/978-3-031-47963-2_5

UT WoS

001160556100005

Keywords in English

genetic algorithms

Abstract

V originále

Attack trees are a graphical formalism for security assessment. They are particularly valued for their explainability and high accessibility without security or formal methods expertise. They can be used, for instance, to quantify the global insecurity of a system arising from the unreliability of its parts, graphically explain security bottlenecks, or identify additional vulnerabilities through their systematic decomposition. However, in most cases, the main hindrance in the practical deployment is the need for a domain expert to construct the tree manually or using further models. This paper demonstrates how to learn attack trees from logs, i.e., sets of traces, typically stored abundantly in many application domains. To this end, we design a genetic algorithm and apply it to classes of trees with different expressive power. Our experiments on real data show that comparably simple yet highly accurate trees can be learned efficiently, even from small data sets.

Citovat

DORFHUBER, Florian Sebastian, Julia EISENTRAUT and Jan KŘETÍNSKÝ. Learning Attack Trees by Genetic Algorithms. Online. In Theoretical Aspects of Computing – ICTAC 2023. Lima: Springer, 2023, p. 55-73. ISBN 978-3-031-47962-5. Available from: https://dx.doi.org/10.1007/978-3-031-47963-2_5.

@inproceedings{2375977,
   author = {Dorfhuber, Florian Sebastian and Eisentraut, Julia and Křetínský, Jan},
   address = {Lima},
   booktitle = {Theoretical Aspects of Computing – ICTAC 2023},
   doi = {http://dx.doi.org/10.1007/978-3-031-47963-2_5},
   keywords = {genetic algorithms},
   howpublished = {elektronická verze "online"},
   language = {eng},
   location = {Lima},
   isbn = {978-3-031-47962-5},
   pages = {55-73},
   publisher = {Springer},
   title = {Learning Attack Trees by Genetic Algorithms},
   year = {2023}
}

TY  - JOUR
ID  - 2375977
AU  - Dorfhuber, Florian Sebastian - Eisentraut, Julia - Křetínský, Jan
PY  - 2023
TI  - Learning Attack Trees by Genetic Algorithms
PB  - Springer
CY  - Lima
SN  - 9783031479625
KW  - genetic algorithms
N2  - Attack trees are a graphical formalism for security assessment. They are particularly valued for their explainability and high accessibility without security or formal methods expertise. They can be used, for instance, to quantify the global insecurity of a system arising from the unreliability of its parts, graphically explain security bottlenecks, or identify additional vulnerabilities through their systematic decomposition. However, in most cases, the main hindrance in the practical deployment is the need for a domain expert to construct the tree manually or using further models. This paper demonstrates how to learn attack trees from logs, i.e., sets of traces, typically stored abundantly in many application domains. To this end, we design a genetic algorithm and apply it to classes of trees with different expressive power. Our experiments on real data show that comparably simple yet highly accurate trees can be learned efficiently, even from small data sets.
ER  -

DORFHUBER, Florian Sebastian, Julia EISENTRAUT and Jan KŘETÍNSKÝ. Learning Attack Trees by Genetic Algorithms. Online. In \textit{Theoretical Aspects of Computing – ICTAC 2023}. Lima: Springer, 2023, p.~55-73. ISBN~978-3-031-47962-5. Available from: https://dx.doi.org/10.1007/978-3-031-47963-2\_{}5.

Detailed Information on Publication Record