Regression nodes: Extending attack trees with data from social sciences

Conference paper (2015)

Authors

J.W.H. Bullee University of Twente

AL Montoya Morales University of Twente

W. Pieters Old - TPM-ESS-ICT Information, Communication and Technology

M. Junger External organisation

P.H. Hartel University of Twente

Research Group

Old - TPM-ESS-ICT Information, Communication and Technology

CSdevelopingscience

More Info

expand_more

To reference this document use:

http://resolver.tudelft.nl/uuid:00dfc3be-076e-4239-8934-3fbd70f389b9

Published Date

2015

Language

English

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Research Group

Old - TPM-ESS-ICT Information, Communication and Technology

Abstract

In the field of security, attack trees are often used to assess security vulnerabilities probabilistically in relation to multi-step attacks. The nodes are usually connected via AND-gates, where all children must be executed, or via OR-gates, where only one action is necessary for the attack step to succeed. This logic, however, is not suitable for including human interaction such as that of social engineering, because the attacker may combine different persuasion principles to different degrees, with different associated success probabilities. Experimental results in this domain are typically represented by regression equations rather than logical gates. This paper therefore proposes an extension to attack trees involving a regression-node, illustrated by data obtained from a social engineering experiment. By allowing the annotation of leaf nodes with experimental data from social science, the regression-node enables the development of integrated socio-technical security models.