See: Attack
Tree-shaped data structure in which, starting from
a final goal (represented as the root), secondary goals that would allow
that final goal to be reached are identified (as branches). Attack trees are
used to model the possible routes by which an attack can be carried out.
(I) A branching,
hierarchical data structure that represents a set of potential approaches to
achieving an event in which system security is penetrated or compromised in a
specified way. [Moor]
Tutorial: Attack trees are special cases of fault trees. The security
incident that is the goal of the attack is represented as the root node of the
tree, and the ways that an attacker could reach that goal are iteratively and
incrementally represented as branches and subnodes of the tree. Each subnode
defines a subgoal, and each subgoal may have its own set of further subgoals,
etc. The final nodes on the paths outward from the root, i.e., the leaf nodes,
represent different ways to initiate an attack. Each node other than a leaf is
either an AND-node or an OR-node. To achieve the goal represented by an
AND-node, the subgoals represented by all of that node's subnodes must be
achieved; and for an OR-node, at least one of the subgoals must be achieved.
Branches can be labeled with values representing difficulty, cost, or other
attack attributes, so that alternative attacks can be compared.
[RFC4949:2007]
Attack trees (known as
threat trees by Microsoft) provide a formal, methodical way of describing the
security of systems based on various attacks [Schneier 99]. The root node of
the tree is the attacker's goal (known as threat by Microsoft), and the children
of each node describe a lower-level way of achieving the goal of the parent
node. In this manner, the leaf nodes generally contain relatively low-level
tasks such as install a key logger on target machine, and the root node
contains a goal such as obtain administrator's password.
https://buildsecurityin.us-cert.gov/daisy/bsi/articles/knowledge/attack/590-BSI.html
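The AND/OR rule and the cost labels described in the RFC 4949 tutorial above can be evaluated mechanically to compare alternatives and to see what a mitigation changes. The following is an added example, not code from RFC 4949 or the other cited sources: `Node`, `cheapest`, `blocked`, the cost figures and the "subgoal B" / "leaf" labels are constructed for illustration, while the root and key-logger labels are the ones used in this entry.

```python
import math
from dataclasses import dataclass, field

@dataclass
class Node:
    goal: str
    kind: str = "LEAF"   # "AND", "OR" or "LEAF"
    cost: float = 0.0    # used on leaves only; units are arbitrary
    children: list = field(default_factory=list)

def cheapest(node, blocked=frozenset()):
    """Return (total cost, leaf goals) of the cheapest way to reach node.goal.

    Leaves named in `blocked` are treated as mitigated (unachievable).
    An unreachable goal yields (math.inf, []).
    """
    if node.kind == "LEAF":
        return (math.inf, []) if node.goal in blocked else (node.cost, [node.goal])
    if not node.children:
        raise ValueError(f"{node.kind}-node {node.goal!r} has no subnodes")
    results = [cheapest(child, blocked) for child in node.children]
    if node.kind == "OR":        # at least one subgoal must be achieved
        return min(results, key=lambda r: r[0])
    if node.kind == "AND":       # all subgoals must be achieved
        total = sum(cost for cost, _ in results)
        if math.isinf(total):
            return math.inf, []
        return total, [leaf for _, leaves in results for leaf in leaves]
    raise ValueError(f"unknown node kind {node.kind!r}")

# Constructed sample tree: costs and the B/C labels are placeholders.
KEYLOGGER = "install a key logger on target machine"
TREE = Node("obtain administrator's password", "OR", children=[
    Node(KEYLOGGER, cost=30),
    Node("subgoal B", "AND", children=[
        Node("leaf B1", cost=10),
        Node("leaf B2", cost=15),
    ]),
    Node("leaf C", cost=40),
])

if __name__ == "__main__":
    # Show how the cheapest remaining path shifts as leaves are mitigated.
    for blocked in [set(), {"leaf B1"}, {"leaf B1", KEYLOGGER}]:
        print(sorted(blocked), "->", cheapest(TREE, blocked))
```

Blocking a single leaf of an AND-node removes the whole branch, which is why mitigations are usually cheapest to place under AND-nodes on the lowest-cost path.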