Practical evidence of the actual security performance of network systems is needed in order to be able to manage them in an adequate way. As no measurement can be done before the object of the measurement has been defined, the goal in this study was to clarify if the attack tree approach could be utilized in defining which fields of specific protocols in a specific network environment could be considered valid objects of security measurement. This study investigates whether the attack tree approach can be used for identification of the appropriate data to be measured in a mobile ad hoc network environment, and whether divergent results of attack tree analysis are obtained with different types of network protocols. The study focuses on the data transmitted in the network in connection with resource consumption attacks against the Ad hoc On-demand Distance Vector protocol (AODV) and Mobile Internet Protocol version 6 (MIPv6). The network type and the protocols used in this study were chosen because of their novelty and their potential importance in future communication scenarios. Based on the results of the study, the attack tree approach is a helpful systematic method for exploring vulnerabilities. However, it is not suitable for a very detailed analysis of the attacks in the area of network protocols when applied manually. This is due to the complexity and diversity of information networks, which causes attack trees to inevitably grow uncontrollably large. Furthermore, this study shows that the results obtained by applying attack tree analyses differ depending on the protocol under investigation.
|Title of host publication||Proceedings of the 6th International Network Conference, INC 2006|
|Editors||Steven Furnell, Paul Dowland|
|Publisher||University of Plymouth press|
|Publication status||Published - 2006|
|MoE publication type||A4 Article in a conference publication|
|Event||6th International Network Conference, INC 2006 - Plymouth, United Kingdom|
Duration: 11 Jul 2006 → 14 Jul 2006
|Conference||6th International Network Conference, INC 2006|
|Abbreviated title||INC 2006|
|Period||11/07/06 → 14/07/06|
Karppinen, K., Savola, R., & Kajava, J. (2006). Towards finding security measurement objects in a mobile Ad hoc network. In S. Furnell, & P. Dowland (Eds.), Proceedings of the 6th International Network Conference, INC 2006 (pp. 187-194). University of Plymouth press.