Category:AttackTree
From SecurityForest
- Proposed by: adam, seconded by Kz, Laramies
- Description: Attack trees are a way of organizing attack patterns. They don't get used as often as they should because its a lot of work to create a good one. At the same time, its perfect for sharing in a wiki.
- Resources:
- Bruce Schneier explains about Attack Trees in his book entitiled Secrets and Lies (http://www.securityforest.com/wiki/index.php/Security_Books:_Non-Technical#Secrets_and_Lies)
- Bruce Schneier also published this paper paper-attacktrees-ddj-ft.html (http://www.schneier.com/paper-attacktrees-ddj-ft.html).
- Hungarian translation of the above paper paper-attacktrees-ddj-ft_hun.pdf (http://www.cert.hu/ismert/10altalanos/paper-attacktrees-ddj-ft_hun.pdf)
- A presentation also published by Bruce Schneier attacktrees.pdf (http://www.securityforest.com/downloads/educationtree/attacktrees.pdf)
- Microsoft on How an Attacker might Infiltrate your network - http://www.microsoft.com/technet/technetmag/issues/2005/01/AnatomyofaHack/default.aspx
- Attack Modeling for Information Security and Survavility, by Andrew P. Moore, Rober J. Ellison and Richard Linger 01tn001.pdf (http://www.cert.org/archive/pdf/01tn001.pdf).
- Systematic Network Vulnerability Analysis based on Attack Graphs, by Roland Rieke rieke_CELTIC_print.pdf (http://private.sit.fhg.de/~rol/rieke_CELTIC_print.pdf).
- Automated Generation and Analysis of Attack Graph, by MIT and Carnegie Mellon Universities. attackgraph.pdf (http://www.seclib.com/seclib/ids.correlation/attackgraph.pdf).
