Attack Tree Analysis Through Game
Playing
This step gives you the option to play
simple games by ignoring or preventing certain weaknesses. For example,
you may choose not to encrypt some messages due to overhead and ease of
use considerations.
The games are played between you
(security planner) and the attacker. Both players have objectives (they
want to win) and compete with each other for the objective. The steps of
the game are:
- If the planner sees weaknesses,
then he/she may prevent a certain weakness to disable attacks. This
simulates a ‘move’ by the security planner.
- Click on ‘Submit’ to see how the
weaknesses enable/disable some attacks. This will simulate the moves
by attacker based on the planner move.
- In some cases, the security
planner may choose to ignore a certain weakness due to cost,
performance and other considerations.
- Even if some weaknesses have been
prevented due to earlier steps, the planner should ignore/prevent
different weaknesses to simulate his/her moves and to see the type
of attacks that are launched by the attacker because of them.
- It is possible to see, in some
cases, that ignoring one weakness (for example, not putting
password) can enable many different types of attacks.
- It is a good idea to play these
games to understand the impact of weaknesses, because all devices of
the same type may not be protected at the same level (all access
points may not use encryption) and/or new devices may be introduced
with no protection.
Game theory is an advanced area of work
and the use of game theory in security planning is in its initial stages
of research. This step will be considerably strengthened in the future.
|