HOME

TheInfoList



Click Here for Items Related To - Attack Tree
OR:
Attack Tree on:   [Wikipedia]   [Google]   [Amazon]

Attack trees are conceptual diagrams showing how an asset, or target, might be attacked. Attack trees have been used in a variety of applications. In the field of information technology, they have been used to describe threats on computer systems and possible attacks to realize those threats. However, their use is not restricted to the analysis of conventional information systems. They are widely used in the fields of defense and aerospace for the analysis of threats against tamper resistant electronics systems (e.g., avionics on military aircraft). Attack trees are increasingly being applied to computer control systems (especially relating to the electric
power grid An electrical grid is an interconnected network for electricity delivery from producers to consumers. Electrical grids vary in size and can cover whole countries or continents. It consists of:Kaplan, S. M. (2009). Smart Grid. Electrical Power ...
). Attack trees have also been used to understand threats to physical systems. Some of the earliest descriptions of attack trees are found in papers and articles by
Bruce Schneier Bruce Schneier (; born January 15, 1963) is an American cryptographer, computer security professional, privacy specialist, and writer. Schneier is a Lecturer in Public Policy at the Harvard Kennedy School and a Fellow at the Berkman Klein Ce ...
, when he was CTO of Counterpane Internet Security. Schneier was clearly involved in the development of attack tree concepts and was instrumental in publicizing them. However, the attributions in some of the early publicly available papers on attack trees also suggest the involvement of the
National Security Agency The National Security Agency (NSA) is a national-level intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence (DNI). The NSA is responsible for global monitoring, collectio ...
in the initial development. Attack trees are very similar, if not identical, to ''threat trees''. Threat trees were discussed in 1994 by Edward Amoroso.


Basic

Attack trees are multi-leveled diagrams consisting of one root, leaves, and children. From the bottom up, '' child nodes'' are conditions which must be satisfied to make the direct parent ''node'' true; when the ''root'' is satisfied, the attack is complete. Each ''node'' may be satisfied only by its direct ''child nodes''. A ''node'' may be the ''child'' of another node; in such a case, it becomes logical that multiple steps must be taken to carry out an attack. For example, consider classroom computers which are secured to the desks. To steal one, the securing cable must be cut or the lock unlocked. The lock may be unlocked by picking or by obtaining the key. The key may be obtained by threatening a key holder, bribing a keyholder, or taking it