Attack Trees:
https://learning.oreilly.com/library/view/threat-modeling-designing/9781118810057/9781118810057c04.xhtml#c04_level1_1
Attack Libraries (CAPEC and OWASP Top Ten attack libraries):
https://learning.oreilly.com/library/view/threat-modeling-designing/9781118810057/9781118810057c05.xhtml
Attack trees are an essential method for threat assessment. They evaluate the security of a system from an attacker's perspective. The root node represents the attack's goal, and the nodes and leaves below it indicate sub-goals or attack methods.
In this homework, you are expected to provide an attack tree for the system you threat-modeled in the lab. The goal of the attacks is to steal information from the password-protected blog website.
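The following is an added example, not part of the assignment or the readings, showing how AND and OR nodes combine when a tree is evaluated: it checks whether the root goal is still reachable once some leaves are mitigated, and finds the smallest sets of leaves that block it. The node labels are constructed placeholders, and `Node`, `reachable`, `leaves` and `minimal_mitigations` are hypothetical names.

```python
from dataclasses import dataclass, field
from itertools import combinations


@dataclass
class Node:
    label: str
    gate: str = "LEAF"  # "AND", "OR" or "LEAF"
    children: list = field(default_factory=list)


def reachable(node, mitigated):
    """True if the goal at `node` is still achievable given the mitigated leaves."""
    if node.gate == "LEAF":
        return node.label not in mitigated
    results = [reachable(child, mitigated) for child in node.children]
    if node.gate == "AND":      # every child is required
        return all(results)
    if node.gate == "OR":       # any one child is enough
        return any(results)
    raise ValueError(f"unknown gate {node.gate!r} on {node.label!r}")


def leaves(node):
    """Labels of all leaf nodes (attack methods) under `node`, left to right."""
    if node.gate == "LEAF":
        return [node.label]
    return [name for child in node.children for name in leaves(child)]


def minimal_mitigations(root):
    """Smallest sets of leaves whose mitigation makes the root goal unreachable."""
    names = leaves(root)
    for size in range(1, len(names) + 1):
        hits = [set(c) for c in combinations(names, size)
                if not reachable(root, set(c))]
        if hits:
            return hits
    return []


# Constructed placeholder tree: the root is an OR of two sub-goals.
TREE = Node("root goal", "OR", [
    Node("sub-goal A", "AND", [Node("method A1"), Node("method A2")]),
    Node("sub-goal B", "OR", [Node("method B1"), Node("method B2")]),
])

if __name__ == "__main__":
    for option in minimal_mitigations(TREE):
        print(sorted(option))
```

An AND sub-goal is blocked by mitigating any one of its children, while an OR sub-goal needs every child mitigated, which is why the choice of gate changes the defensive conclusion drawn from the tree.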
Question 1
Provide a report that includes your analysis. The report should include (but is not limited to) the following items:
1. Initial attack interfaces and a short description of why they can be the starting point for attacks
2. Attack tree
a. Sub-goals
b. The nodes of the tree (please use AND and OR functions appropriately)
Question 2
Map the sub-goals and attack methods to the attack libraries given in the second reading.