Dorfhuber, Florian; Eisentraut, Julia; Klioba, Katharina; Křetínský, Jan
QuADTool is a tool to model and analyze (quantitative) attack-defense trees, a widespread formalism for security assessment. Since the support for the analysis of these models is scattered over various tools and differs in the model features allowed, we provide a unifying GUI framework interfacing with the other tools as well as our own analysis algorithms. Most interestingly, we provide a “PAC-input” quantitative analysis. While standard quantitative analyses may distinguish likely from unlikely vulnerabilities, they rely on precise quantitative inputs (probabilities, timing, or costs of attacks), which are rarely available. In contrast, previous experience may provide enough data for a probably approximately correct estimate of the real quantity. The imprecision and uncertainty of the input quantities are thus bounded and propagated during our PAC-input quantitative analysis, bounding the imprecision and uncertainty of the final result of the analysis. Moreover, the tool provides support for accurate modelling of the PAC inputs as well as the corresponding analysis, incurring virtually no overhead.
Finally, the tool also comes with a benchmark suite, on which we demonstrate its effectiveness.
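An added illustration, not taken from QuADTool or the paper, of what bounding and propagating PAC inputs can look like: leaf probabilities are estimated from constructed counts with a Hoeffding bound, the intervals pass through AND, OR and countermeasure gates, and the failure probabilities add up by the union bound. Leaf independence, the gate formulas, the function names and all sample counts are assumptions of this sketch.

```python
import math

def pac_leaf(hits, trials, delta):
    """PAC estimate of a leaf probability from observed counts: the true value
    lies in [lo, hi] with probability >= 1 - delta (two-sided Hoeffding bound)."""
    eps = math.sqrt(math.log(2 / delta) / (2 * trials))
    p = hits / trials
    return (max(0.0, p - eps), min(1.0, p + eps), delta)

def _delta(children):
    # Union bound: the result holds unless at least one input interval fails.
    return min(1.0, sum(c[2] for c in children))

def and_gate(*ch):
    # Every sub-attack must succeed (leaves assumed independent).
    return (math.prod(c[0] for c in ch), math.prod(c[1] for c in ch), _delta(ch))

def or_gate(*ch):
    # At least one sub-attack succeeds.
    return (1 - math.prod(1 - c[0] for c in ch),
            1 - math.prod(1 - c[1] for c in ch), _delta(ch))

def countered(attack, defense):
    # Attack succeeds only if the defense fails; the result is decreasing in
    # the defense probability, so the defense endpoints swap.
    return (attack[0] * (1 - defense[1]), attack[1] * (1 - defense[0]),
            _delta((attack, defense)))

def root_risk(delta=0.01):
    # Constructed sample data: (observed successes, trials) per leaf.
    phish = pac_leaf(120, 400, delta)    # phishing mail opened
    reuse = pac_leaf(45, 300, delta)     # harvested password still valid
    mfa = pac_leaf(190, 200, delta)      # MFA blocks the login (defense)
    vpn = pac_leaf(6, 500, delta)        # exposed VPN exploitable
    return or_gate(and_gate(phish, countered(reuse, mfa)), vpn)

if __name__ == "__main__":
    lo, hi, d = root_risk()
    print(f"P(root) in [{lo:.4f}, {hi:.4f}] with confidence >= {1 - d:.2f}")
```

The wide root interval comes from the small sample sizes; raising the trial counts of the leaves narrows it, which is the kind of input sensitivity a PAC-input analysis makes visible.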