Friday, March 29, 2019

Analysis of Attack Tree Process

Analysis of bam manoeuvre ProcessWhen analyzing the protection threats to a schema the governing carcass psychopsycho psycho analyst is forced to rely on an Ad hoc brainstorming do work (Schneier, 2004, p. 318) to sieve and conceptualize what purposes an snipeer could restrain in targeting a system and the methods they could purpose to carry out their attack. The limitation to the ad hoc approach is that the analyst could dismiss an area of potential picture or even focus available resources on an attack that is extremely unlikely leaving the door dewy-eyed open for more likely attacks to occur.The onrush maneuver process demonstrable by Bruce Schneier seeks to replace existing ad hoc processes with one that provides a process for evaluating the threats of an attack against a system and what numbers piece of ass be put in place to prevent them (p. 318). The process seeks to first identify an assaulters goal and wherefore analyzes the methods they could use to a ccomplish their goal so resources are assigned appropriately. In an assault channelises, attacks against a system are represented by a tree structure with the goal as the root node and unalike ways of achieving that goal as leaf nodes (p. 318).The Importance of Using an set upon guide ProcessAn firing Tree process is a usable tool to try and analyze the different ways an attacker could earn their goal. There are several take ins / advantages that can be attributed to a tumesce developed process in the case of ardor Trees you couldCreate an multi input iterative process An glide path Tree enables a system analyst to implement a process where people with different backgrounds / skill sets can add their input to help analyze assertable threats and what can be done to negate these threats. Since the process is in any case iterative you can fit that it is continually improved upon, this is important because it is unlikely that the attackers are not continually improving t heir methods.Capture and reuse the process for future projects In capturing the culture created from a process you could ensure that the next time a system is being developed you provide have a repository to life to for reference on potential shelter threats and methods of big bucksing with them. Since the system analyst is not working from scratch there is a saving of time and money. In creating and re victimisation a process you also help ensure trunk and reliability.Compute the risk of a type of attack Different attacks have different probabilities of occurring as well as have different be associated with them. If an attack is low gain but has a high exist of prevention it wont be worth it to prevent against it (Buldas, Laud, Priisalu, Saarepera and Willemson, 2006)Can be broken down in to multiple pieces By creating a scalable process you dont have to have several(prenominal)one who is an expert in every single area instead you could have subject matter experts constr ue at the system and offer their input.The Latest Developments in coming Tree ProcessesSince Schneier introduced the concept of labialise Trees (1999) several other researchers have worked to fine form the process. Buldas et al. have offered a more accurate estimate of the probability of an attack and how it in turn influences the live of preventing against such an attack (2006).By exploring what assort of profit an attacker could gain from conducting the attack (e.g. stealing a competitors designs) and slowness the profit against the cost of the attack (e.g. going to jail) the system analyst leave behind be able to see if reward is proportional to the risk the attacker takes. If an attacker feels that the reward is not proportional to the risk involved, then the probability of an attack occurring is reduced and in turn the resources required to protect the system from such an attack could be reduced as well.Practical examples of industries that could benefit from using an Attack Tree methodological analysis have also been outlined. Sommestad, Ekstedt and Nordstrm (2009) have written a framework for the practical application of using Attack Trees along with other processes to misrepresent the security of power inter naturally systems.Since power generation is a cornerstone of societys critical infrastructure (Sommestad et al., 2009, p. 1) the shield of the Wide Area Networks that support them is a top priority. However security for such a system is complicated by factors such as systems of varying age, different levels of criticality and geographical positioning of such systems.Attack Trees in Relation to My Personally ExperienceWhen I took a course in Project Management I read an article Secrets to Creating the scoop shovel Accurate Estimate. The author mentioned that a project manager should know that a project without risk analysis is useless (Gray, 2001). Before we set up countermeasures to mitigate the risks, we need to know what the threats are. The fundamental concept of an Attack Tree process is to analyze the relation between cause and consequence of vicious attraction. Analyzing the cause and effect of an action is a skill I much use to make effective decisions. I list all possible options, analyze the outcome of each option, and estimate the cost I volition pay for choosing a particular option. For instance, I would like to eliminate the mice in my apartment. I can use mouse poison, a gum trap, or hire a professional. There are various brands of mouse poisons and glue traps available on the shelves. I might need do some(prenominal) research to analyze their effectiveness and the environmental impact once I used them. Also, if I dont want to see or dispose of the body of the mouse, the glue trap might not be a pricey choice. Hiring a professional could be an efficient option, but it might cost me a lot. Based on my budget and other relative factors, I can build up an Attack Tree for my Mouse war and use it t o assist me to make the best decision.However, the true value of an Attack Tree lies in its ability to assist people in analyzing factors of vulnerability and estimating the feasibility of practices with more complex circumstances such as the incorporation of a networking system. Moreover since Attack Trees provide a systematic methodology which is traceable and reusable it means that not only will the analyst who developed the Attack Tree process be able to apply it, but they could also hand down the process to others (Network warranter Technologies, I., 2005). at a time a basic template has been completed such as an Attack Tree for a computer virus attack, this Attack Tree could be reused as a branch in a more complex model. The analyst doesnt have to rebuild it iteratively.The Potential of Attack Trees to Impact BusinessThe IT industry, today, is expanding at an immense rate. Meanwhile, the tricks used by attackers improve at a grounds beyond which we can imagine. Not only do businesses that are hard invested in IT have to evolve to fight these malicious threats, but also all business are supposed to equip themselves with the ability to deal with emerging threats.Intuition and experience can help a security analyst anticipate a vicious attack and reduce the handicap from it (Ingoldsby, T. R., 2009). However, the modes of attack are innovating quickly and both intuition and experience are hard to pass to others. So, business needs a process-based tool such as an Attack Tree to analyze threats. Moreover, Attack Trees could be a bridge to connect an experienced analyst with others (Ingoldsby, T. R., 2009). An analyst created Attack Tree could explain the rationale behind their process and people could learn and sublimate intelligence from the Attack Trees. As a result of adopting an Attack Tree process, security analysts could build a more efficient intercourse mechanism.In addition, one of the features of Attack Trees is reusability, while performin g risk-analysis, it is not necessary to re-build a new Attack Tree process. A security analyst mediocre needs to retrieve a comparative already designed Attack Trees process and trim it to fit the new mission. For a business this procedure not only saves time and money, but also helps improves the process. Since we are creating an Attack Tree based on old one, it is a way to pull together experience to make the new Attack Tree more comprehensive.Companies no matter if they are IT related or not, are concerned closely internet security issues. Some of them will look to an IT consulting firm for advice. Therefore, some IT consulting firms introduce Attack Tree to their clients. You can easily surf their website and stupefy the explicit knowledge of Attack Tree, for instance, the website of Amenaza (http//www.amenaza.com/methodology_2.php). Moreover, some companies have developed a unique Threat Risk Analysis (TRA) methodology based on the Attack Tree process (Amenaza Technologies Limited, 2009). Although this could be perceived as an multiplication of Attack Trees, these consulting firms possess exclusive knowledge of Attack Tree processes which will help them build up their reputation.ConclusionMalicious internet attacks come up every day. The best approach to protect yourself is to forecast an attackers behavior sooner the disaster happens. There could be thousands of types of feasibility threats, such as virus infections, a hacking attack, an internal attack, etc so we need a methodology to manage the TRA. An Attack Tree could be a powerful tool if it is justly implemented.ReferencesSchneier, B. (2004). Secrets and lies digital security in a networked world. Wiley.Buldas, A, Laud, P, Priisalu, J, Saarepera , M, Willemson, J. (2006). Rational Choice of Security Measures via Multi-Parameter Attack Trees. Critical Information Infrastructures Security, 4347.Sommestad, T, Ekstedt, M, Nordstrm, L. (2009). modeling security of power communication systems u sing defense graphs and influence diagrams. IEEE Transactions on Power Delivery, 24(4),Schneier, B. (1999). Attack trees. Dr. Dobbs journal , 24(12),Gray, N. S. (2001, August). Secrets to Creating the Exclusive Accurate Estimate. PM Network, 4.Network Security Technologies, I. (2005). Attack Tree/Threat Modeling Methodology. from http//www.netsectech.com/services/attack_tree_methodology.pdfIngoldsby, T. R. (2009, Jan., 16). Attack Tree Analysis. exit Team, from http//redteamjournal.com/2009/01/attack-tree-analysis/Amenaza Technologies Limited. (2009). Amenaza SecurlTree. from http//www.amenaza.com/downloads/docs/SCMagazine20-Nov2009-Amenaza.pdf

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.