Kordy, Barbara; Mauw, Sjouke; Schweitzer, Patrick Quantitative questions on attack-defense trees. (English) Zbl 1379.68117 Kwon, Taekyoung (ed.) et al., Information security and cryptology – ICISC 2012. 15th international conference, Seoul, Korea, November 28–30, 2012. Revised selected papers. Berlin: Springer (ISBN 978-3-642-37681-8/pbk). Lecture Notes in Computer Science 7839, 49-64 (2013). Summary: Attack-defense trees are a novel methodology for graphical security modeling and assessment. The methodology includes intuitive and formal components that can be used for quantitative analysis of attack-defense scenarios. In practice, we use intuitive questions to ask about aspects of scenarios we are interested in. Formally, a computational procedure, using a bottom-up algorithm, is applied to derive the corresponding numerical values. This paper bridges the gap between the intuitive and the formal way of quantitatively assessing attack-defense scenarios. We discuss how to properly specify a question, so that it can be answered unambiguously. Given a well-specified question, we then show how to derive an appropriate attribute domain which constitutes the corresponding formal model.For the entire collection see [Zbl 1263.68022]. Cited in 3 Documents MSC: 68P25 Data encryption (aspects in computer science) 91A80 Applications of game theory PDFBibTeX XMLCite \textit{B. Kordy} et al., Lect. Notes Comput. Sci. 7839, 49--64 (2013; Zbl 1379.68117) Full Text: DOI arXiv