Analysing Cyberattacks Using Attack Tree and Fuzzy Rules

Nitin Naik; Paul Jenkins; Paul Grace; Dishita Naik; Shaligram Prajapat; Jingping Song; Jian Xu; Ricardo M. Czekster

doi:10.1007/978-3-031-47508-5_29

Analysing Cyberattacks Using Attack Tree and Fuzzy Rules

Nitin Naik, Paul Jenkins, Paul Grace, Dishita Naik, Shaligram Prajapat, Jingping Song, Jian Xu, Ricardo M. Czekster

Software Engineering & Cybersecurity

Research output: Chapter in Book/Published conference output › Conference publication

Abstract

Understanding the development and execution of a cyberattack is intrinsic in its prevention and mitigation. A suitable cyberattack analysis method can be utilised in analysing cyberattacks. However, not every analysis method can be utilised for analysing every type of cyberattack due to the specific aim, strategy, requirements and skills of an analysis method. Therefore, deciding on a simple and suitable analysis method is always a challenging task, which requires a continuous exploration of new analysis methods. This paper presents a simple and generic method for cyberattack analysis using an attack tree and fuzzy rules. The attack tree provides a graphical and granular relationship between a cyberattacker and a victim to understand the taxonomy of an attack. Subsequently, the probability and risk of each leaf node in the attack tree is calculated using the proposed formulas. Finally, fuzzy rules formalise human reasoning to manage the approximation and uncertainty of the data to determine the overall risk of attack. This method proposes a process consisting of a sequence of steps to perform a step-by-step analysis of a cyberattack and evaluate its potential risk in a simple and efficient manner, hence its prevention and mitigation can be determined beforehand. Furthermore, the paper presents a case study of an information theft attack on an organisation and its analysis using the proposed analysis method, which can be beneficial in the analysis of other similar attacks.

Original language	English
Title of host publication	Contributions Presented at the 22nd UK Workshop on Computational Intelligence (UKCI 2023), September 6–8, 2023, Birmingham, UK
Editors	Nitin Naik, Paul Jenkins, Paul Grace, Longzhi Yang, Shaligram Prajapat
Pages	364-378
ISBN (Electronic)	9783031475085
DOIs	https://doi.org/10.1007/978-3-031-47508-5_29
Publication status	Published - 1 Feb 2024

Publication series

Name	Advances in Computational Intelligence Systems
Publisher	Springer
Volume	1453
ISSN (Print)	2194-5357
ISSN (Electronic)	2194-5365

Keywords

cyberattack analysis
attack tree
fuzzy logic
fuzzy rules
Probability of attack
Risk of attack
Severity of attack
information theft attack

Access to Document

10.1007/978-3-031-47508-5_29

Cite this

Naik, N., Jenkins, P., Grace, P., Naik, D., Prajapat, S., Song, J., Xu, J., & M. Czekster, R. (2024). Analysing Cyberattacks Using Attack Tree and Fuzzy Rules. In N. Naik, P. Jenkins, P. Grace, L. Yang, & S. Prajapat (Eds.), Contributions Presented at the 22nd UK Workshop on Computational Intelligence (UKCI 2023), September 6–8, 2023, Birmingham, UK (pp. 364-378). (Advances in Computational Intelligence Systems; Vol. 1453). https://doi.org/10.1007/978-3-031-47508-5_29

Naik, Nitin ; Jenkins, Paul ; Grace, Paul et al. / Analysing Cyberattacks Using Attack Tree and Fuzzy Rules. Contributions Presented at the 22nd UK Workshop on Computational Intelligence (UKCI 2023), September 6–8, 2023, Birmingham, UK. editor / Nitin Naik ; Paul Jenkins ; Paul Grace ; Longzhi Yang ; Shaligram Prajapat. 2024. pp. 364-378 (Advances in Computational Intelligence Systems).

@inproceedings{04e2752c84dd499ebbe70ff849efbf75,

title = "Analysing Cyberattacks Using Attack Tree and Fuzzy Rules",

abstract = "Understanding the development and execution of a cyberattack is intrinsic in its prevention and mitigation. A suitable cyberattack analysis method can be utilised in analysing cyberattacks. However, not every analysis method can be utilised for analysing every type of cyberattack due to the specific aim, strategy, requirements and skills of an analysis method. Therefore, deciding on a simple and suitable analysis method is always a challenging task, which requires a continuous exploration of new analysis methods. This paper presents a simple and generic method for cyberattack analysis using an attack tree and fuzzy rules. The attack tree provides a graphical and granular relationship between a cyberattacker and a victim to understand the taxonomy of an attack. Subsequently, the probability and risk of each leaf node in the attack tree is calculated using the proposed formulas. Finally, fuzzy rules formalise human reasoning to manage the approximation and uncertainty of the data to determine the overall risk of attack. This method proposes a process consisting of a sequence of steps to perform a step-by-step analysis of a cyberattack and evaluate its potential risk in a simple and efficient manner, hence its prevention and mitigation can be determined beforehand. Furthermore, the paper presents a case study of an information theft attack on an organisation and its analysis using the proposed analysis method, which can be beneficial in the analysis of other similar attacks.",

keywords = "cyberattack analysis, attack tree, fuzzy logic, fuzzy rules, Probability of attack, Risk of attack, Severity of attack, information theft attack",

author = "Nitin Naik and Paul Jenkins and Paul Grace and Dishita Naik and Shaligram Prajapat and Jingping Song and Jian Xu and {M. Czekster}, Ricardo",

year = "2024",

month = feb,

day = "1",

doi = "10.1007/978-3-031-47508-5_29",

language = "English",

isbn = "9783031475078",

series = "Advances in Computational Intelligence Systems",

publisher = "Springer",

pages = "364--378",

editor = "Nitin Naik and Paul Jenkins and Paul Grace and Longzhi Yang and Shaligram Prajapat",

booktitle = "Contributions Presented at the 22nd UK Workshop on Computational Intelligence (UKCI 2023), September 6–8, 2023, Birmingham, UK",

}

Naik, N, Jenkins, P, Grace, P, Naik, D, Prajapat, S, Song, J, Xu, J & M. Czekster, R 2024, Analysing Cyberattacks Using Attack Tree and Fuzzy Rules. in N Naik, P Jenkins, P Grace, L Yang & S Prajapat (eds), Contributions Presented at the 22nd UK Workshop on Computational Intelligence (UKCI 2023), September 6–8, 2023, Birmingham, UK. Advances in Computational Intelligence Systems, vol. 1453, pp. 364-378. https://doi.org/10.1007/978-3-031-47508-5_29

Analysing Cyberattacks Using Attack Tree and Fuzzy Rules. / Naik, Nitin; Jenkins, Paul; Grace, Paul et al.
Contributions Presented at the 22nd UK Workshop on Computational Intelligence (UKCI 2023), September 6–8, 2023, Birmingham, UK. ed. / Nitin Naik; Paul Jenkins; Paul Grace; Longzhi Yang; Shaligram Prajapat. 2024. p. 364-378 (Advances in Computational Intelligence Systems; Vol. 1453).

Research output: Chapter in Book/Published conference output › Conference publication

TY - GEN

T1 - Analysing Cyberattacks Using Attack Tree and Fuzzy Rules

AU - Naik, Nitin

AU - Jenkins, Paul

AU - Grace, Paul

AU - Naik, Dishita

AU - Prajapat, Shaligram

AU - Song, Jingping

AU - Xu, Jian

AU - M. Czekster, Ricardo

PY - 2024/2/1

Y1 - 2024/2/1

N2 - Understanding the development and execution of a cyberattack is intrinsic in its prevention and mitigation. A suitable cyberattack analysis method can be utilised in analysing cyberattacks. However, not every analysis method can be utilised for analysing every type of cyberattack due to the specific aim, strategy, requirements and skills of an analysis method. Therefore, deciding on a simple and suitable analysis method is always a challenging task, which requires a continuous exploration of new analysis methods. This paper presents a simple and generic method for cyberattack analysis using an attack tree and fuzzy rules. The attack tree provides a graphical and granular relationship between a cyberattacker and a victim to understand the taxonomy of an attack. Subsequently, the probability and risk of each leaf node in the attack tree is calculated using the proposed formulas. Finally, fuzzy rules formalise human reasoning to manage the approximation and uncertainty of the data to determine the overall risk of attack. This method proposes a process consisting of a sequence of steps to perform a step-by-step analysis of a cyberattack and evaluate its potential risk in a simple and efficient manner, hence its prevention and mitigation can be determined beforehand. Furthermore, the paper presents a case study of an information theft attack on an organisation and its analysis using the proposed analysis method, which can be beneficial in the analysis of other similar attacks.

AB - Understanding the development and execution of a cyberattack is intrinsic in its prevention and mitigation. A suitable cyberattack analysis method can be utilised in analysing cyberattacks. However, not every analysis method can be utilised for analysing every type of cyberattack due to the specific aim, strategy, requirements and skills of an analysis method. Therefore, deciding on a simple and suitable analysis method is always a challenging task, which requires a continuous exploration of new analysis methods. This paper presents a simple and generic method for cyberattack analysis using an attack tree and fuzzy rules. The attack tree provides a graphical and granular relationship between a cyberattacker and a victim to understand the taxonomy of an attack. Subsequently, the probability and risk of each leaf node in the attack tree is calculated using the proposed formulas. Finally, fuzzy rules formalise human reasoning to manage the approximation and uncertainty of the data to determine the overall risk of attack. This method proposes a process consisting of a sequence of steps to perform a step-by-step analysis of a cyberattack and evaluate its potential risk in a simple and efficient manner, hence its prevention and mitigation can be determined beforehand. Furthermore, the paper presents a case study of an information theft attack on an organisation and its analysis using the proposed analysis method, which can be beneficial in the analysis of other similar attacks.

KW - cyberattack analysis

KW - attack tree

KW - fuzzy logic

KW - fuzzy rules

KW - Probability of attack

KW - Risk of attack

KW - Severity of attack

KW - information theft attack

UR - https://link.springer.com/chapter/10.1007/978-3-031-47508-5_29

U2 - 10.1007/978-3-031-47508-5_29

DO - 10.1007/978-3-031-47508-5_29

M3 - Conference publication

SN - 9783031475078

T3 - Advances in Computational Intelligence Systems

SP - 364

EP - 378

BT - Contributions Presented at the 22nd UK Workshop on Computational Intelligence (UKCI 2023), September 6–8, 2023, Birmingham, UK

A2 - Naik, Nitin

A2 - Jenkins, Paul

A2 - Grace, Paul

A2 - Yang, Longzhi

A2 - Prajapat, Shaligram

ER -

Naik N, Jenkins P, Grace P, Naik D, Prajapat S, Song J et al. Analysing Cyberattacks Using Attack Tree and Fuzzy Rules. In Naik N, Jenkins P, Grace P, Yang L, Prajapat S, editors, Contributions Presented at the 22nd UK Workshop on Computational Intelligence (UKCI 2023), September 6–8, 2023, Birmingham, UK. 2024. p. 364-378. (Advances in Computational Intelligence Systems). Epub 2024 Jan 31. doi: 10.1007/978-3-031-47508-5_29

Analysing Cyberattacks Using Attack Tree and Fuzzy Rules

Abstract

Publication series

Keywords

Access to Document

Other files and links

Fingerprint

An Introduction to Federated Learning: Working, Types, Benefits and Limitations

Artificial Intelligence (AI) Applications in Chemistry

Cyberattack Analysis Utilising Attack Tree with Weighted Mean Probability and Risk of Attack

Cite this