We describe the recent developments of an opensource project called RATCHET that can be used by groups of users to collectively construct attack trees. We present the RATCHET framework as well as a model for testing and evaluation of the produced attack trees. RATCHET has been tested in classroom settings with positive results and this paper presents the plans for expanding its outreach to the community at large and building attack trees through crowdsourcing. This paper gives an overview of RATCHET and an introduction to its use.
Date of creation, presentation, or exhibit
Department, Program, or Center
Information Sciences and Technologies (GCCIS)
D. Bogaard, S. Goel, S. Kandari, D. Johnson, G. Markowsky and B. Stackpole, "Producing and evaluating crowdsourced computer security attack trees," 2016 IEEE Symposium on Technologies for Homeland Security (HST), Waltham, MA, 2016, pp. 1-4. doi: 10.1109/THS.2016.7568951
RIT – Main Campus