Capabilities-based Attack Tree Analysis | Amenaza Technologies Limited

Capabilities-based Attack Tree Analysis

Attack trees graphically show how an asset can be attacked. The topmost (or root) node in an attack tree represents the attacker's goal. This overall goal is decomposed into nodes representing increasingly detailed tasks which, by themselves or in combination, will result in the attacker obtaining their objective. Associated with the detailed tasks are estimates, based on expert opinion, of the resources required by the attacker to perform the operation. Resources include money, technical ability, materials and how noticeable the attack is.

By estimating the capabilities of the adversary it is possible to eliminate those portions of the attack tree model that are unattainable. This greatly reduces the problem of defending the asset. Further analysis can show which of the remaining attacks are preferred by the adversary (i.e., bring them the greatest benefit and / or the lowest expenditure of resources) and which are most harmful to the victim. This allows a true determination of risk.

Example of an Attack
Tree

Copyright© 2001-2013 by Amenaza Technologies Limited. All rights reserved.