[34585] in bugtraq
Idea of CAW (Creation of Attack Wood)
daemon@ATHENA.MIT.EDU (kincses zoli)
Mon Apr 19 17:06:55 2004
Message-ID: <40828BD2.6040704@caesar.elte.hu>
Date: Sun, 18 Apr 2004 16:08:18 +0200
From: kincses zoli <kincses@caesar.elte.hu>
Reply-To: kincses@caesar.elte.hu
MIME-Version: 1.0
To: bugtraq@securityfocus.com
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
hali,
there is the attack tree concept of Bruce Schneier:
http://www.schneier.com/paper-attacktrees-ddj-ft.html
http://www.counterpane.com/attacktrees.pdf
there is a SW that helps creating such trees:
SecurITree from Amenaza, http://www.amenaza.com/
i am working on attack tree of smartcards, and i have the
idea of creating as many as possible attack trees for
different systems and at the end they can build an Attack Wood
of IT security...and of course this wood is like the real one,
where new trees are born or old ones die, boughs are broken
or outgrown etc.
maybe on HEX (http://www.hex2005.org/) we will have the 1.0
version :-)
any comment, idea, opinion, advise is welcome and thnx in advance!
zoli
