A Study On Attack Trees Computer Science Essay


Attack trees are multi-levelled diagrams consisting of a root node, child nodes and leaves. The root node represents the attacker's final goal, the leaves are the means of reaching that goal, and the child nodes are refinements of the goal. Attack trees can become complex, containing hundreds of nodes that attack different parts of a system. According to Schneier (2009, pp. 4-6) the main characteristics of attackers are as follows:

1. Motivation: What is the attacker's motive for the attack?

2. Access: What kind of access does the attacker have?

3. Skills: What skills does the attacker have? Many attacks require more than one skill.

2. Nodes and their values:

In any attack tree, nodes will have many different values corresponding to different variables, both Boolean and continuous. Different node values can be combined to learn even more about a system's vulnerabilities.

3. Building the tree:

To start building the tree, the attacker's final goal should be defined. Then all possible attacks are categorized. Finally, the node values are assigned. In this paper the attacker's main goal is to steal someone's bank account details. To categorize Internet banking attacks, each component of the process should be examined: the user, the communication channel and the Internet banking server (Dimitriadis, 2007, pp. 1-5). The following types of attacks are identified:

I. Attacks that target the user's equipment, such as PCs, mobile devices and password tokens.

II. Attacks that target the communication channels.

III. Attacks that target the Internet Banking server.

Although our primary scope is the attacks that happen during a web session, a general bank account attack tree will be useful. According to Fig. 2 below, the root node and the leaves may look like this:
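The figure itself is not reproduced here. As an added example that is not part of the essay, the following Python model builds the root-and-leaves structure described in sections 2 and 3: a root goal, the three attack categories as child nodes, the individual attacks as leaves, and a Boolean value (possible or not) plus a continuous value (attacker cost) on each leaf, combined upwards through OR and AND nodes. All leaf costs and "possible" flags are constructed assumptions for illustration; the node names come from the essay, but the numbers are not from the essay or from Dimitriadis (2007).

```python
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class Node:
    """One node of an attack tree (added example; values are constructed).

    kind:     "OR" (any child reaches this node) or "AND" (all children needed).
    possible: Boolean node value, set on leaves, derived for inner nodes.
    cost:     continuous node value (attacker effort, arbitrary units) on leaves.
    """
    name: str
    kind: str = "OR"
    children: List["Node"] = field(default_factory=list)
    possible: bool = True
    cost: float = 0.0

    def is_possible(self) -> bool:
        if not self.children:
            return self.possible
        results = [c.is_possible() for c in self.children]
        return all(results) if self.kind == "AND" else any(results)

    def min_cost(self) -> Optional[float]:
        """Cheapest feasible way to reach this node; None if impossible."""
        if not self.children:
            return self.cost if self.possible else None
        costs = [c.min_cost() for c in self.children]
        if self.kind == "AND":
            return None if None in costs else sum(costs)
        feasible = [c for c in costs if c is not None]
        return min(feasible) if feasible else None

    def cheapest_path(self) -> List[str]:
        """Leaf names on the cheapest feasible path (empty if impossible)."""
        if not self.children:
            return [self.name] if self.possible else []
        if self.kind == "AND":
            if self.min_cost() is None:
                return []
            return [leaf for c in self.children for leaf in c.cheapest_path()]
        feasible = [c for c in self.children if c.min_cost() is not None]
        if not feasible:
            return []
        return min(feasible, key=lambda c: c.min_cost()).cheapest_path()


def build_bank_account_tree() -> Node:
    """Root goal and the essay's three categories; leaf values are constructed."""
    user = Node("User / user equipment", children=[
        Node("Malicious software installation", children=[
            Node("Hidden code in web page", cost=40),
            Node("Worm", cost=60),
            Node("E-mail with malicious code", cost=20),
        ]),
        # Constructed assumption: the PIN token is modelled as resistant.
        Node("Brute-force PIN token", cost=90, possible=False),
        Node("Phishing", children=[
            Node("Social engineering", cost=10),
            Node("Web page obfuscation", cost=15),
        ]),
    ])
    channel = Node("Communication channel", children=[
        Node("Pharming", cost=50),
        Node("Sniffing", cost=70),
        Node("Active man-in-the-middle", cost=80),
        Node("Session hijacking", cost=45),
    ])
    server = Node("Internet banking server", children=[
        # AND node: the essay notes that brute force is combined with
        # filtering server responses to find valid usernames.
        Node("Brute-force login", kind="AND", children=[
            Node("Identify valid username from server responses", cost=15),
            Node("Guess four-digit password", cost=20),
        ]),
        Node("Bank security policy violation", cost=30),
        Node("Web site manipulation", cost=55),
    ])
    return Node("Steal bank account details", children=[user, channel, server])


def find(node: Node, name: str) -> Optional[Node]:
    """Locate a node by name, depth-first."""
    if node.name == name:
        return node
    for c in node.children:
        hit = find(c, name)
        if hit is not None:
            return hit
    return None


if __name__ == "__main__":
    tree = build_bank_account_tree()
    print("possible:", tree.is_possible(), "min cost:", tree.min_cost())
    print("cheapest path:", tree.cheapest_path())
    # Model a countermeasure (e.g. user awareness) by marking a leaf impossible.
    find(tree, "Social engineering").possible = False
    print("after countermeasure:", tree.min_cost(), tree.cheapest_path())
```

The tree is what a defender uses to decide where to spend effort: the root's `min_cost` and `cheapest_path` show the weakest link, and flipping a leaf's `possible` flag shows how the cheapest path moves once that leaf is countered. In this constructed model the root is reachable for a cost of 10 through social engineering, the AND node "Brute-force login" costs the sum of its children (35), and countering social engineering moves the cheapest path to web page obfuscation (15).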

4. User / user equipment attacks:

There are many different types of attacks, and these include:

- Malicious software installation:

The embedding of malicious content to compromise the user's login name and password. Typical examples are keyboard loggers and screen-capture programs. This may take place via a number of different methods:

  - Hidden code:

This is the use of hidden code within a web page that exploits a known vulnerability of the customer's web browser and installs malicious software on the user terminal.

  - Worms:

Worms search for vulnerabilities and exploit them automatically. This includes the exploitation of instant messaging and chat software.

  - E-mails with malicious code:

This is the sending of e-mails with malicious content, such as executable attachments or HTML code with embedded applets.

- Brute-force attacks:

These attacks focus on breaking the security of tokens that generate random PINs.

- Phishing:

These attacks use social engineering techniques, masquerading as a trustworthy person or business in an electronic communication. They include:

  - Social engineering:

These attacks compromise the user's credentials by non-technical means, such as phone calls or e-mails masquerading as official bank messages, asking the user for a username and password or to update account information.

  - Web page obfuscation:

These attacks are based on links that do not correspond to the destination they describe, or on the use of Internet Protocol (IP) addresses instead of URLs to confuse the user. Other techniques use hidden frames: several frames with malicious content cover the real activity of a web page, while the user sees only the URL of the master frameset. Other methods use graphics that spoof the interface of a web browser, such as the address bar.

5. Communication channel attacks:

This type of attack focuses on the communication links. Examples include:

- Pharming:

These attacks involve compromising domain name servers (DNS), altering DNS tables and connecting the user to fraudulent sites instead of the official bank's site, where information regarding the user's account may be obtained.

- Sniffing:

Active sniffing attacks impersonate each of the two communicating entities (the user client and the Internet banking server) to the other in order to capture information such as the username and password. Passive sniffing captures information from the communication medium without interception.

- Active man-in-the-middle attacks:

This type of attack involves a scheme where the attacker receives and forwards information between the user terminal (UT) and the Internet banking server (IBS). The attacker sends malformed user packets or injects new traffic, such as commands to transfer money from one account to another.

- Session hijacking:

These attacks force the user to connect to the IBS with a preset session ID. Once the user authenticates to the server, the attacker may use the known session ID to send packets to the IBS, spoofing the user's identity.

6. Internet banking server attacks:

These types of attacks are offline attacks against the servers that host the Internet banking application. Examples include:

- Brute-force attacks:

Brute-force attacks on certain password-based mechanisms are reported to be feasible by sending random usernames and passwords. The attacked mechanisms implement a scheme based on guessable usernames and four-digit passwords. The attack relies on distributed zombie personal computers hosting automated programs for username or password calculation. This attack may be combined with username filtering methods for determining the identity of the user: these methods filter the different responses the server gives for valid and invalid usernames.
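Two of the server-side weaknesses the essay describes, the preset session ID of section 5 (session hijacking) and the distinguishable responses that let an attacker filter valid usernames in the brute-force attack above, are both decided by how the login handler is written. The following added example, which is not part of the essay or of any real banking system, puts a deliberately weak login handler beside a hardened one. Usernames, passwords, the salt, the lockout threshold and session IDs are constructed for illustration; the password storage uses `hashlib.pbkdf2_hmac` and session IDs come from `secrets.token_urlsafe`.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Optional, Tuple

# Constructed sample data: one user, one salt (a real system uses a salt per user).
_SALT = b"constructed-salt"


def _hash(password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 100_000)


USERS: Dict[str, bytes] = {"alice": _hash("correct horse")}
# Hash compared against when the username does not exist, so the work done
# (and the message returned) is the same for unknown and known usernames.
_DUMMY_HASH = _hash("dummy")
MAX_FAILURES = 5  # constructed lockout threshold


class Sessions:
    """In-memory session store: session_id -> username (None before login)."""

    def __init__(self) -> None:
        self.store: Dict[str, Optional[str]] = {}

    def new_anonymous(self) -> str:
        sid = secrets.token_urlsafe(32)
        self.store[sid] = None
        return sid


def login_weak(user: str, pw: str, sessions: Sessions, sid: str) -> Tuple[str, str]:
    """WEAK: reveals whether the username exists and keeps whatever session ID
    the client presented, so a preset (attacker-chosen) ID becomes authenticated."""
    if user not in USERS:
        return "unknown user", sid          # response differs for invalid usernames
    if not hmac.compare_digest(_hash(pw), USERS[user]):
        return "wrong password", sid        # ... and for invalid passwords
    sessions.store[sid] = user              # session fixation: sid was never issued here
    return "ok", sid


_failures: Dict[str, int] = {}


def login_hardened(user: str, pw: str, sessions: Sessions, sid: str) -> Tuple[str, str]:
    """HARDENED: one uniform failure message, constant-time comparison against a
    dummy hash for unknown users, per-username lockout, and a fresh session ID
    issued only after successful authentication (the presented ID is discarded)."""
    if _failures.get(user, 0) >= MAX_FAILURES:
        return "invalid credentials", sid
    expected = USERS.get(user, _DUMMY_HASH)
    ok = hmac.compare_digest(_hash(pw), expected) and user in USERS
    if not ok:
        _failures[user] = _failures.get(user, 0) + 1
        return "invalid credentials", sid
    _failures.pop(user, None)
    sessions.store.pop(sid, None)           # drop the pre-login (possibly preset) ID
    new_sid = secrets.token_urlsafe(32)
    sessions.store[new_sid] = user
    return "ok", new_sid


if __name__ == "__main__":
    s = Sessions()
    preset = "attacker-chosen-id"           # constructed preset session ID
    print(login_weak("alice", "correct horse", s, preset), s.store.get(preset))
    print(login_hardened("alice", "correct horse", Sessions(), preset))
```

With the weak handler, a login with the constructed preset ID leaves that ID mapped to "alice", which is exactly the state the session hijacking description relies on, and the two different failure messages are what a username filter keys on. The hardened handler answers every failure with the same message, does the same hashing work whether or not the username exists, counts failures per username, and never authenticates an ID it did not issue itself.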

- Bank security policy violation:

By violating the bank's security policy, in combination with weak access control and logging mechanisms, an employee may cause an internal security incident and expose a customer's account.

- Web site manipulation:

Exploiting vulnerabilities of the Internet banking web server may permit the alteration of its contents, such as the links to the Internet banking login page. This may redirect the user to a fraudulent web site where his/her credentials may be captured.

These attacks can be summarised in the following figures: