A Scenario Method to Automatically Assess ICT Risk

Baiardi, Fabrizio; Corò, Fabio; Tonelli, Federico; Sgandurra, Daniele

doi:10.1109/pdp.2014.105

Cited by 5 publications

(8 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This work integrates the results outlined in [1,2] and presents them systematically. Furthermore, it applies the suite tools to assess and manage the ICT risk of two ICSs, each supervising a distinct power generation plant.…”

Section: Introductionmentioning

confidence: 81%

Assessing and managing the information and communication risk of power generation

Baiardi

Tonelli

Guidi

et al. 2015

Computers & Electrical Engineering

View full text Add to dashboard Cite

Keywords:Risk assessment Metric Intelligent agent Model based assessment Monte Carlo method Industrial control system a b s t r a c t We describe a model-based assessment of information and communication technology (ICT) risk that produces statistical samples by simulating the attacks of intelligent agents. To support this assessment, we have developed an integrated set of tools, the Haruspex suite. Some of its tools build the models of the target system and those of the agents that other tools apply to simulate the agent attacks. Further tools analyze the output of the simulation. After outlining the proposed approach and the suite, we describe the assessments of two industrial control systems that supervise, respectively, a thermoelectric generation plan and a hydroelectric one. To simplify the presentation of the output of these assessments, we introduce the security stress, a synthetic measure of how a system resists to attacks.

show abstract

Section: Introductionmentioning

confidence: 81%

Assessing and managing the information and communication risk of power generation

Baiardi

Tonelli

Guidi

et al. 2015

Computers & Electrical Engineering

View full text Add to dashboard Cite

show abstract

“…This section describes the tools of the Haruspex suite [1] that simulate the attacker behaviors to produce synthetic attack sequences. In the following, we denote by user the team that interacts with such tools to assess and manage the security risks of an ICT system.…”

Section: Ict Risk Assessment: the Haruspex Approachmentioning

confidence: 99%

“…We exploit knowledge discovery approaches to extract informative patterns from the data in the form of sequential patterns. The intended objective is twofold: (1) to exploit the extracted patterns for the design of attack countermeasures, and (2) for gaining a better understanding of the "degree of freedom" available for the attackers of a system. Objective (1) can be achieved by using data mining models for making predictions on the next attack of a threat agent that is following a matched pattern [4,9,11], hence enforcing dynamic counter-measures.…”

Section: Introductionmentioning

confidence: 99%

Sequential Pattern Mining for ICT Risk Assessment and Prevention

D'Andreagiovanni

Baiardi

Lipilini

et al. 2018

Software Engineering and Formal Methods

Self Cite

View full text Add to dashboard Cite

Security risk assessment and prevention in ICT systems rely on the analysis of data on the joint behavior of the system and its (malicious) users. The Haruspex tool models intelligent, goal-oriented agents that reach their goals through attack sequences. Data is synthetically generated through a Monte Carlo method that runs multiple simulations of the attacks against the system. In this paper, we present a sequential pattern mining analysis of the database of attack sequences. The intended objective is twofold: (1) to exploit the extracted patterns for the design of attack counter-measures, and (2) for gaining a better understanding of the "degree of freedom" available for the attackers of a system. We formally motivate the need for using maximal sequential patterns, instead of frequent or closed sequential patterns, and report on the results on a specific case study.

show abstract

“…Haruspex is a suite of tools that supports the proposed approach. Some tools of the suite build the infrastructure, and the agent models starting from the output of a vulnerability scanning and by interacting with the user.…”

Section: Introductionmentioning

confidence: 99%

“…With respect to our previous works , this one is focused on risk management rather than on risk assessment. Hence, we briefly describe the tools to assess the risk and focus on the planner and the manager that automatically manage the risk.…”

Section: Introductionmentioning

confidence: 99%

Iterative selection of countermeasures for intelligent threat agents

2015

Self Cite

View full text Add to dashboard Cite

We describe a model-based approach to select cost-effective countermeasures for an information and communication technology infrastructure under attack by intelligent agents. Each agent tries to reach some predefined goals through a sequence of attacks. The proposed approach builds the models of the infrastructure and of the agents, and then it applies a Monte Carlo method that runs multiple, independent simulations of the agent attacks. These simulations produce a statistical sample that is used to assess the risk. The selection of countermeasures works in an iterative way where each iteration selects some countermeasures and applies the Monte Carlo method to evaluate any residual risk. In this way, it takes into account that an intelligent agent may select distinct attacks to replace those affected by the countermeasures. To improve cost effectiveness, the selection focuses on useful attacks to reach a goal. The Haruspex suite is an integrated set of tool to support this approach. Some of its tools build the models of the agents and the one of the system. Another tool uses these models to apply the Monte Carlo method and simulate the agent attacks. This tool is iteratively invoked by the one that select countermeasures. We describe the adoption of the suite to assess and manage the risk of three industrial control system

show abstract

A Scenario Method to Automatically Assess ICT Risk

Cited by 5 publications

References 21 publications

Assessing and managing the information and communication risk of power generation

Assessing and managing the information and communication risk of power generation

Sequential Pattern Mining for ICT Risk Assessment and Prevention

Iterative selection of countermeasures for intelligent threat agents

Contact Info

Product

Resources

About