A Defense-Centric Model for Multi-step Attack Damage Cost Evaluation

Shameli‐Sendi, Alireza; Louafi, Habib; He, Wenbo; Cheriet, Mohamed

doi:10.1109/ficloud.2015.39

Cited by 3 publications

(2 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In addition, by utilizing the characteristics of the tree structure, studies have adopted algebraic analysis methods for calculating ADTree's quantitative properties. For example, the authors of [30] applied the ADTree to accurately calculate the damage cost of multistep attacks, measure the propagation of attack damage in the network, and choose appropriate countermeasures for minimizing the impact of attacks on services. For the multiparameter optimization of ADTrees, the authors of [31] designed automation techniques for optimizing all parameters.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

A Minimum Defense Cost Calculation Method for Attack Defense Trees

Zhong

2020

Security and Communication Networks

View full text Add to dashboard Cite

The cyberphysical system (CPS) is becoming the infrastructure of society. Unfortunately, the CPS is vulnerable to cyberattacks, which may cause environmental pollution, property losses, and even casualties. Furthermore, in contrast to the conventional Internet, the devices in CPSs are more specific, and the device systems may not be upgraded or installed with new programs during their life spans. The selection of the best defense nodes for defeating cyberattacks is quite challenging in CPSs. To overcome this issue, several attack-defense modeled methods have been proposed. However, few existing studies have considered the defense cost, which is usually a determinant in practice. In this paper, we propose a method for choosing optimal defense nodes that (1) can defeat specific attacks and (2) are inexpensive. First, the atom attack defense tree (A2DTree) is proposed by adding constraints to the conventional attack defense tree (ADTree). Second, the algebraic method is used to efficiently calculate the minimum defense cost. On this basis, a minimum defense cost calculation tool is designed and implemented. Finally, the effectiveness of the proposed method is verified with two typical case studies, and a comparative experiment of related work is carried out. The results show that the method can correctly and efficiently identify the optimal defense nodes and calculate the minimum defense cost of a CPS.

show abstract

Section: Related Workmentioning

confidence: 99%

“…To address this issue, we propose an ADTree structure called A2DTree. Based on this [30][31][32] new modeling technology, the minimum defense cost of the system can be easily calculated via algebraic methods. In this section, we first formally define A2DTree.…”

Section: Atom Attack Defense Treementioning

confidence: 99%