Time Dependent Analysis with Dynamic Counter Measure Trees
This work provides a more accurate modeling approach for security professionals to prioritize countermeasures in time-sensitive attack scenarios, though it appears incremental as it builds on an existing formalism.
The paper addresses the limitation of existing security attack modeling formalisms in capturing time-dependent actions by extending Attack Countermeasure trees with a time notion, enabling effective countermeasure selection and ranking based on resource consumption and effectiveness.
The success of a security attack crucially depends on time: the more time available to the attacker, the higher the probability of a successful attack. Formalisms such as Reliability block diagrams, Reliability graphs and Attack Countermeasure trees provide quantitative information about attack scenarios, but they are provably insufficient to model dependent actions which involve costs, skills, and time. In this presentation, we extend the Attack Countermeasure trees with a notion of time; inspired by the fact that there is a strong correlation between the amount of resources in which the attacker invests (in this case time) and probability that an attacker succeeds. This allows for an effective selection of countermeasures and rank them according to their resource consumption in terms of costs/skills of installing them and effectiveness in preventing an attack