Attack time analysis in dynamic attack trees via integer linear programming
This work addresses the challenge of efficient security analysis for systems modeled with dynamic attack trees, though it is incremental as it builds on existing MILP methods with improvements.
The paper tackled the NP-complete problem of computing the minimal time metric in dynamic attack trees by using mixed integer linear programming (MILP), achieving a considerable decrease in computation time in experiments on large synthetic attack trees.
Attack trees (ATs) are an important tool in security analysis, and an important part of AT analysis is computing metrics. However, metric computation is NP-complete in general. In this paper, we showcase the use of mixed integer linear programming (MILP) as a tool for quantitative analysis. Specifically, we use MILP to solve the open problem of calculating the min time metric of dynamic ATs, i.e., the minimal time to attack a system. We also present two other tools to further improve our MILP method: First, we show how the computation can be sped up by identifying the modules of an AT, i.e. subtrees connected to the rest of the AT via only one node. Second, we define a general semantics for dynamic ATs that significantly relaxes the restrictions on attack trees compared to earlier work, allowing us to apply our methods to a wide variety of ATs. Experiments on a synthetic testing set of large ATs verify that both the integer linear programming approach and modular analysis considerably decrease the computation time of attack time analysis.