By identifying the various steps an adversary could take to compromise a system, an attack tree is used to analyse and assess the security of a system. The initial attack goal is at the root with potential attack paths branching out from there. The branches correspond to the different ways an adversary could complete each node, representing a particular attack step. The attack scenarios or techniques that an adversary might employ are represented by the tree’s leaves. An attack tree is often used to evaluate a system’s security.

Further reading:

See also: ATTACK SURFACE

Manadhata, P.K. and Wing, J.M., 2010. An attack surface metric. IEEE Transactions on Software Engineering, 37(3), 37186, https://doi.org/10.1109/TSE.2010.60.

  • Search Google Scholar
  • Export Citation
  • Manadhata, P.K. and Wing, J.M., 2010. An attack surface metric. IEEE Transactions on Software Engineering, 37(3), 37186, https://doi.org/10.1109/TSE.2010.60.

    • Search Google Scholar
    • Export Citation
Reference & Dictionaries