Efficient Attack Countermeasure Selection Accounting for Recovery and Action Costs

Soikkeli, Jukka; Muñoz-González, Luis; Lupu, Emil

doi:10.1145/3339252.3339270

Cited by 7 publications

(10 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Attack graphs are also being studied extensively and employed for the purpose of optimal selection of countermeasures, e.g., in [20], [29], [35], [37]. While the objects called attack graphs in [37] are essentially the same as the attack graphs of [1], and a reduced version of the latter, called vulnerability dependency graphs in [1] is used in [35], in each of the works [20], [29], [37] attack graphs are defined differently. Furthermore, each of them having different optimization goals, the optimization methods of [20], [29], [35], [37] require different input data.…”

Section: Related Workmentioning

confidence: 99%

“…time-to-compromise [12], path length [14], attack difficulty [24], weakest adversary security metric [27], attack resistance [40], probabilistic security metric [39] it is possible to measure security of the target assets in a network. These metrics can be further used for suggesting actions by which security of valuable assets increases [20], [23], [25], [29], [35], [37].…”

mentioning

confidence: 99%

See 1 more Smart Citation

Security Countermeasures Selection Using the Meta Attack Language and Probabilistic Attack Graphs

2022

View full text Add to dashboard Cite

Connecting critical infrastructure assets to the network is absolutely essential for modern industries. In contrast to the apparent advantages, network connectivity exposes other infrastructure vulnerabilities that can be exploited by attackers. To protect the infrastructure, precise countermeasure identification is necessary. In this regard, the objective for the security officers is to identify the optimal set of countermeasures under a variety of budgetary restrictions. Our approach is based on the Meta Attack Language framework, which allows for convenient modelling of said infrastructures, as well as for automatic generation of attack graphs describing attacks against them. We formalize the problem of the selection of countermeasures in this context. The formalization makes it possible to deal with an arbitrary number of budgets, expressing available resources of both monetary and time-like nature, and to model numerous dependencies between countermeasures, including order dependencies, mutual exclusivity, and interdependent implementation costs. We propose a flexible and scalable algorithm for the problem. The whole methodology is validated in practice on realistic models.

show abstract

Section: Related Workmentioning

confidence: 99%

mentioning

confidence: 99%

Security Countermeasures Selection Using the Meta Attack Language and Probabilistic Attack Graphs

2022

View full text Add to dashboard Cite

show abstract

“…In this regard, our approach relates to works on quantifying cyber resilience [13] of a system, most directly to approaches for measuring resilience based on performance over time such as Bruneau et al [14] and Ganin et al [15]. In employing a resilience-inspired view on attack impacts as a basis for decision making, our approach is similar to that adopted in [7] to select countermeasures to attacks, but our focus here is on UAVs and on making decisions over the appropriate mission setup and on mission continuation in the face of attacks. We model attack impacts with a combination of a model of attack progression and a model of system performance in producing its output.…”

Section: Related Workmentioning

confidence: 99%

“…We model attack impacts with a combination of a model of attack progression and a model of system performance in producing its output. This relates to methods by [6], [7] that approach attack impact assessment via a combination of an attack graph (AG) and a service dependency graph. In contrast to these works, we use a Petri net for modeling attack progression, and find it particularly suited to this in our application context.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Analyzing the Viability of UAV Missions Facing Cyber Attacks

Soikkeli

Perner

Lupu

2021

2021 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)

Self Cite

View full text Add to dashboard Cite

With advanced video and sensing capabilities, unoccupied aerial vehicles (UAVs) are increasingly being used for numerous applications that involve the collaboration and autonomous operation of teams of UAVs. Yet such vehicles can be affected by cyber attacks, impacting the viability of their missions. We propose a method to conduct mission viability analysis under cyber attacks for missions that employ a team of several UAVs that share a communication network. We apply our method to a case study of a survey mission in a wildfire firefighting scenario. Within this context, we show how our method can help quantify the expected mission performance impact from an attack and determine if the mission can remain viable under various attack situations. Our method can be used both in the planning of the mission and for decision making during mission operation. Our approach to modeling attack progression and impact analysis with Petri nets is also more broadly applicable to other settings involving multiple resources that can be used interchangeably towards the same objective.

show abstract