| | |
Summary: Analyzing the Security in the GSM Radio
Network using Attack Jungles
Parosh Aziz Abdulla1
, Jonathan Cederberg1
, and Lisa Kaati2
1
University of Uppsala, Sweden, email: {parosh, jonathan.cederberg}@it.uu.se
2
FOI Swedish Defence Research Agency, Sweden, email: lisa.kaati@foi.se
Abstract. In this paper we introduce the concept of attack jungles,
which is a formalism for systematic representation of the vulnerabilities
of systems. An attack jungle is a graph representation of all ways in
which an attacker successfully can achieve his goal. Attack jungles are
an extension of attack trees [13] that allows multiple roots, cycles and
reusability of resources. We have implemented a prototype tool for con-
structing and analyzing attack jungles. The tool was used to analyze the
security of the GSM (radio) access network.
1 Introduction
Analyzing the security of complex systems is a difficult but important task. In
industrial projects, security analysis is usually performed by a team of experts
|
