An Approach to Select Cost-Effective Risk Countermeasures
نویسندگان
چکیده
Security risk analysis should be conducted regularly to maintain an acceptable level of security. In principle, all risks that are unacceptable according to the predefined criteria should be mitigated. However, risk mitigation comes at a cost, and only the countermeasures that cost-efficiently mitigate risks should be implemented. This paper presents an approach to integrate the countermeasure cost-benefit assessment into the risk analysis and to provide decision makers with the necessary decision support. The approach comes with the necessary modeling support, a calculus for reasoning about the countermeasure cost and effect, as well as means for visualization of the results to aid decision makers.
منابع مشابه
Iterative selection of countermeasures for intelligent threat agents
We describe a model-based approach to select cost effective countermeasures for an information and communication technology infrastructure under attack by intelligent agents. Each agent tries to reach some predefined goals through a sequence of attacks. The proposed approach builds models of the infrastructure and of the agents and then it applies a Monte Carlo method that runs multiple, indepe...
متن کاملAn Approach to Select Cost-Effective Risk Countermeasures Exemplified in CORAS
Security risk analysis should be conducted regularly for organizationsto maintain an acceptable level of security. In principle, all risks thatare unacceptable according to the predefined criteria should be mitigated.However, risk mitigation comes at a cost, and only the countermeasuresthat cost-efficiently mitigate risks should be implemented. This reportpresents an app...
متن کاملA particle swarm optimization algorithm for minimization analysis of cost-sensitive attack graphs
To prevent an exploit, the security analyst must implement a suitable countermeasure. In this paper, we consider cost-sensitive attack graphs (CAGs) for network vulnerability analysis. In these attack graphs, a weight is assigned to each countermeasure to represent the cost of its implementation. There may be multiple countermeasures with different weights for preventing a single exploit. Also,...
متن کاملOptimum Maintenance Strategy Selection using a Hybrid Approach based on Analytical Hierarchy Process and Revised Multi Choice Goal Programming
This study aims to select optimal maintenance strategy for components of an electric motor of the National Iranian Oil Refining and Distribution Company. In this regard, a method based on revised multi choice goal programming and analytic hierarchy process (AHP) is presented. Since improving the equipment reliability is an important issue, reliability centered maintenance (RCM) strategies are i...
متن کاملThe Most Cost Effective Gas Cleaning Device in Steel Industry with Industrial Ecology Approach
Industrial growth and environmental damages, as two important indicators in sustainable development are followed by steel industry. This article leads industries to green industry. In this case, energy, material, capital consumption and environmental damages as sustainability patterns of environment have been investigated in three different dust collectors to select the most environmentally sui...
متن کامل