An empirical evaluation of the effectiveness of attack graphs and fault trees in cyber-attack perception
Lallie, Harjinder Singh, Debattista, Kurt and Bal, Jay (2018) An empirical evaluation of the effectiveness of attack graphs and fault trees in cyber-attack perception. IEEE Transactions on Information Forensics and Security, 13 (5). pp. 1110-1122. doi:10.1109/TIFS.2017.2771238 ISSN 1556-6013.
PDF: WRAP-empirical-evaluation-effectiveness-attack-graphs-Debattista-2017.pdf - Accepted Version (5Mb)
Official URL: http://dx.doi.org/10.1109/TIFS.2017.2771238
Abstract
Perceiving and understanding cyber-attacks can be a difficult task. This problem is widely recognised and well documented, and more effective techniques are needed to aid cyber-attack perception. Attack modelling techniques (AMTs), such as attack graphs and fault trees, are useful visual aids that can aid cyber-attack perception; however, there is little empirical or comparative research which evaluates the effectiveness of these methods. This paper reports the results of an empirical evaluation between an adapted attack graph method and the fault tree standard to determine which of the two methods is more effective in aiding cyber-attack perception. An empirical evaluation (n=63) was conducted through a 3×2×2 factorial design. Participants from computer-science and non-computer-science backgrounds were divided into an adapted attack graph group and a fault tree group and then asked to complete three tests which tested the ability to recall, comprehend and apply the attack modelling technique. A mean assessment score (mas) was calculated for each test. The results show that the adapted attack graph method is more effective at aiding cyber-attack perception when compared with the fault tree method (p < 0.01). Participants that have a computer science background outperformed other participants when using both methods (p < 0.05). These results indicate that the adapted attack graph method can be an effective tool for aiding cyber-attack perception amongst experts. The study underlines the need for further comparisons in a broader range of settings involving additional techniques, and offers several suggestions for further work.
Item Type: | Journal Article
---|---
Subjects: | H Social Sciences > HV Social pathology. Social and public welfare; Q Science > QA Mathematics > QA76 Electronic computers. Computer science. Computer software
Divisions: | Faculty of Science, Engineering and Medicine > Engineering > WMG (Formerly the Warwick Manufacturing Group)
Library of Congress Subject Headings (LCSH): | Cyber intelligence (Computer security), Cyberterrorism -- Prevention
Journal or Publication Title: | IEEE Transactions on Information Forensics and Security
Publisher: | IEEE
ISSN: | 1556-6013
Official Date: | May 2018
Volume: | 13
Number: | 5
Page Range: | pp. 1110-1122
DOI: | 10.1109/TIFS.2017.2771238
Status: | Peer Reviewed
Publication Status: | Published
Access rights to Published version: | Restricted or Subscription Access
Date of first compliant deposit: | 15 November 2017
Date of first compliant Open Access: | 16 November 2017