The paper presents QuADTool, a tool for modeling and analyzing attack-defense trees (ADTs). Key highlights:
QuADTool supports convenient graphical modeling of ADTs, including import and export of various formats (DOT, XML, etc.). It also provides feedback on the suitability of models for different analysis techniques.
The tool features a novel quantitative analysis approach for "probably approximately correct" (PAC) input values, which can handle imprecise or uncertain quantitative information (probabilities, costs, delays) about basic events. This extends the standard quantitative analyses that assume precise input values.
The PAC-input analysis propagates the input uncertainty through the tree structure, providing rigorous bounds on the imprecision and uncertainty of the final analysis results.
QuADTool is equipped with a benchmark suite (ATBEST) of ADT models from the literature and randomly generated ones, enabling comprehensive evaluation of the tool's capabilities.
Experiments show that the tool's performance, including the PAC-input analysis, is efficient even for large ADT models, making it practical for real-world use cases.
Overall, QuADTool addresses key challenges in practical quantitative security analysis by providing a convenient modeling environment and novel analysis techniques that can handle uncertain input data.
Na inny język
z treści źródłowej
arxiv.org
Głębsze pytania