Attack Graph-Based Countermeasure Selection Using a Stateful Return on Investment Metric
Authors
Abstract
We propose a mitigation model that evaluates individual and combined countermeasures against multi-step cyber-attack scenarios. The goal is to anticipate the actions of an attacker that wants to disrupt a given system (e.g., an information system). The process is driven by an attack graph formalism, enforced with a stateful return on response investment metric that optimally evaluates, ranks and selects appropriate countermeasures to handle ongoing and potential attacks.
Similar resources
A particle swarm optimization algorithm for minimization analysis of cost-sensitive attack graphs
To prevent an exploit, the security analyst must implement a suitable countermeasure. In this paper, we consider cost-sensitive attack graphs (CAGs) for network vulnerability analysis. In these attack graphs, a weight is assigned to each countermeasure to represent the cost of its implementation. There may be multiple countermeasures with different weights for preventing a single exploit. Also,...
Attack countermeasure trees (ACT): towards unifying the constructs of attack and defense trees
Attack tree (AT) is one of the widely used non-state-space models for security analysis. The basic formalism of AT does not take into account defense mechanisms. Defense trees (DTs) have been developed to investigate the effect of defense mechanisms using measures such as attack cost, security investment cost, return on attack (ROA) and return on investment (ROI). DT, however, places defense me...
Evaluation of complex security scenarios using defense trees and economic indexes
In this article, we present a mixed qualitative and quantitative approach for evaluation of information technology (IT) security investments. For this purpose, we model security scenarios by using defense trees, an extension of attack trees with countermeasures and we use economic quantitative indexes for computing the defender’s return on security investment and the attacker’s return on attack...
Multi-period and Multi-objective Stock Selection Optimization Model Based on Fuzzy Interval Approach
The optimization of investment portfolios is the most important topic in financial decision making, and many relevant models can be found in the literature. Given the importance of portfolio optimization, this paper deals with novel solution approaches to solve a newly developed portfolio optimization model. Contrary to previous work, the uncertainty of future retur...
An attack-and-defence game for security assessment in vehicular ad hoc networks
Recently, there has been increasing interest in security and privacy issues in vehicular ad hoc networks (VANETs). However, the existing security solutions mainly focus on preventive solutions while lacking a comprehensive security analysis. The existing risk analysis solutions may not work well to evaluate the security threats in vehicular networks since they fail to consider the attack and d...