See:
· Attack
A tree-shaped data structure in which, starting from a final goal (represented as the root), secondary goals that would allow the final goal to be reached are identified (as branches). Attack trees are used to model the possible routes by which an attack can be carried out.
(I) A branching, hierarchical data structure that represents a set of potential approaches to
achieving an event in which system security is penetrated or compromised in a
specified way. [Moor]
Tutorial: Attack trees are special cases of
fault trees. The security incident that is the goal of the attack is
represented as the root node of the tree, and the ways that an attacker could
reach that goal are iteratively and incrementally represented as branches and
subnodes of the tree. Each subnode defines a subgoal, and each subgoal may have
its own set of further subgoals, etc. The final nodes on the paths outward from
the root, i.e., the leaf nodes, represent different ways to initiate an attack.
Each node other than a leaf is either an AND-node or an OR-node. To achieve the
goal represented by an AND-node, the subgoals represented by all of that node's
subnodes must be achieved; and for an OR-node, at least one of the subgoals
must be achieved. Branches can be labeled with values representing difficulty,
cost, or other attack attributes, so that alternative attacks can be compared.
[RFC4949:2007]
Attack trees (known as threat trees by Microsoft) provide a formal, methodical way of
describing the security of systems based on various attacks [Schneier 99]. The
root node of the tree is the attacker's goal (known as threat by Microsoft), and
the children of each node describe a lower-level way of achieving the goal of
the parent node. In this manner, the leaf nodes generally contain relatively
low-level tasks such as "install a key logger on target machine", and the root
node contains a goal such as "obtain administrator's password".
https://buildsecurityin.us-cert.gov/daisy/bsi/articles/knowledge/attack/590-BSI.html
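The AND/OR rule and the attribute labels described in the RFC 4949 tutorial can be evaluated mechanically. The following is an added example, not taken from any of the cited sources: it finds the cheapest route through a small tree, recomputes it once a leaf is mitigated, and lists every leaf set that satisfies the root. The `Node` class, the function names, the cost values and every label marked "constructed" are assumptions made for illustration; only the root and the key logger leaf use wording from the definitions above.

```python
import math
from dataclasses import dataclass, field
from itertools import product

@dataclass
class Node:
    label: str
    kind: str = "LEAF"            # "LEAF", "AND" or "OR"
    cost: float = 0.0             # leaf attribute (constructed units)
    children: list = field(default_factory=list)

def cheapest(node, blocked=frozenset()):
    """Return (cost, leaves) of the cheapest way to reach `node`.
    Leaves named in `blocked` are treated as mitigated (infinite cost)."""
    if node.kind == "LEAF":
        return (math.inf if node.label in blocked else node.cost), [node.label]
    if not node.children:
        raise ValueError(f"{node.kind}-node {node.label!r} has no subnodes")
    results = [cheapest(c, blocked) for c in node.children]
    if node.kind == "AND":        # every subgoal must be achieved
        return sum(c for c, _ in results), [l for _, ls in results for l in ls]
    if node.kind == "OR":         # at least one subgoal must be achieved
        return min(results, key=lambda r: r[0])
    raise ValueError(f"unknown node kind {node.kind!r}")

def scenarios(node):
    """Enumerate every set of leaves that satisfies `node`."""
    if node.kind == "LEAF":
        return [[node.label]]
    parts = [scenarios(c) for c in node.children]
    if node.kind == "AND":        # one scenario from each subnode, combined
        return [sum(combo, []) for combo in product(*parts)]
    return [s for p in parts for s in p]   # OR: any subnode's scenario

# Root and first leaf use the page's wording; the rest is constructed.
TREE = Node("obtain administrator's password", "OR", children=[
    Node("install a key logger on target machine", cost=40),
    Node("subgoal B (constructed)", "AND", children=[
        Node("step B1 (constructed)", cost=10),
        Node("step B2 (constructed)", cost=20),
    ]),
    Node("step C (constructed)", cost=90),
])

if __name__ == "__main__":
    print(cheapest(TREE))
    print(cheapest(TREE, blocked={"step B1 (constructed)"}))
    print(scenarios(TREE))
```

Blocking one leaf of an AND-node removes the whole branch, which is why a single control on `step B1` moves the cheapest route to the next alternative under the OR-node.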
Related topics