Explain the difference between an attack surface and an attack tree.
Attack Surface:
An attack surface consists of the reachable and exploitable weaknesses in a system.
Examples are
Attack surfaces can be categorized into three types:
1. Network attack surface:
This category refers to vulnerabilities in the company's network, wide area network, LAN, or the internet itself, such as weaknesses in protocols that are used for the attack.
2. Software attack surface:
It refers to vulnerabilities in software applications, utilities, or the OS itself that are susceptible to attack, especially web server software.
3. Human attack surface:
In this category, vulnerabilities are created by people: fraudsters using social engineering, human error, and trusted people inside the company.
Attack Tree:
An attack tree is a conceptual, hierarchical data structure of the potential techniques an attack might use (see Fig. 1.4).
The goal of the attack is represented as the root of the tree. Moving away from the root, the tree is further divided into nodes and subnodes, goals and subgoals. The ways an attacker may reach the goal, iteratively and incrementally, are represented as branches and subnodes of the tree.
Here are the three components opponents might exploit to attack the system.
1. User terminal and user (UT/U):
These attacks target smartcards, password generators, or other devices the user may rely on, as well as the actions of the user.
2. Communications channel (CC):
Communication links are targeted in this type of attack.
3. Internet banking server (IBS):
The Internet banking application servers are targeted by these offline attacks.
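The two ideas can be combined in a threat model: the tree records how the goal could be reached, and its leaves show which part of the attack surface each path touches. The following is an added example, not taken from the textbook figure; the node labels, the mitigated flag, and the assumption that every branch is an alternative (OR) are constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Node:
    goal: str                          # goal (root) or subgoal (inner node / leaf)
    component: Optional[str] = None    # leaves only: "UT/U", "CC" or "IBS"
    mitigated: bool = False            # hypothetical flag: a control covers this leaf
    children: list = field(default_factory=list)


def paths(node, prefix=()):
    """Yield (trail_of_goals, leaf) for every root-to-leaf path."""
    trail = prefix + (node.goal,)
    if not node.children:
        yield trail, node
    for child in node.children:
        yield from paths(child, trail)


def surface_by_component(root):
    """Group leaf techniques by the component they target."""
    grouped = {}
    for trail, leaf in paths(root):
        grouped.setdefault(leaf.component, []).append(trail[-1])
    return grouped


def open_paths(root):
    """Paths whose leaf has no mitigation recorded: the defender's to-do list."""
    return [" -> ".join(t) for t, leaf in paths(root) if not leaf.mitigated]


# Constructed sample tree; labels are illustrative only.
TREE = Node("Bank account compromise", children=[
    Node("Obtain user credentials", children=[
        Node("Observe user entering credentials", "UT/U", mitigated=True),
        Node("Capture credentials in transit", "CC", mitigated=True),
    ]),
    Node("Abuse server-side weakness", children=[
        Node("Exploit banking application flaw", "IBS"),
    ]),
])

if __name__ == "__main__":
    for component, leaves in surface_by_component(TREE).items():
        print(component, leaves)
    print("Unmitigated:", open_paths(TREE))
```
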