ATTENTION/WARNING - NE PAS DÉPOSER ICI/DO NOT SUBMIT HERE

Ceci est la version de TEST de DIAL.mem. Veuillez ne pas soumettre votre mémoire sur ce site mais bien à l'URL suivante: 'https://thesis.dial.uclouvain.be'.
This is the TEST version of DIAL.mem. Please use the following URL to submit your master thesis: 'https://thesis.dial.uclouvain.be'.
 

Graphical user interface for DAG-based attack trees

Weiser, Thomas ; Delcourt, Florentin
(2022)

Files

Delcourt_53291500_Weiser_38371600_2022.pdf
  • Open access
  • Adobe PDF
  • 6.1 MB
Download

Details

Supervisors
Legay, Axel
Faculty
Ecole polytechnique de Louvain
Degree label
Master [120] : ingénieur civil en informatique, à finalité spécialisée
Abstract
The thesis described in this document has been divided into two different parts. First, a deep research on the topic of attack trees to understand the theoretical background and the different ways to compute and analyse such structures. The second part of the thesis covers the creation of a tool to compute and analyse attack trees. The attack tree model owes its popularity thanks to two key ideas : its readability and its ability to cover a large domain of applications. The simple principle behind attack trees is to break down complex scenarios or systems into smaller interconnected scenarios that can be assessed and quantified more easily. On top of that, they are convenient to perform analysis to compute and classify the different attack traces of the system and determine the more efficient countermeasures. In the 1990s, different groups were developing modeling concepts called threat trees and threat logic trees. The term attack trees has been popularized in 1999 by a cryptographer and security expert named Bruce Schneider. Over the years, the model evolved through different researches proposing many formal semantics for attack trees. The attack tree model has also been expanded and mixed with defense tree models to create attack-defense tree with the addition of countermeasures. A wide overview of attack trees has been written by Kordy et al. in a Computer Science Review. System security against attacks is a major concern and sees a wide variety of application areas. Some documents relate the use of attack tree graphs to analyse the security of critical infrastructures in the electric sector, to classify ATM-related frauds or even assess vulnerabilities in SCADA systems. The recent trend uses the attack tree design models and enhances them with analysis methods like Bayesian networks, model checking, automata theory, SAT and SMT solver for constraint solving, ... This thesis uses a DAG-based attack tree model to assess attack risk and uses previously implemented SAT and SMT solvers to compute tree solutions with constraint programming. May this document be an additional use case of this model.