Optimal security hardening on attack tree models of networks: a cost-benefit analysis

Dewri, Rinku; Ray, Indrajit; Poolsappasit, Nayot; Whitley, Darrell

doi:10.1007/s10207-012-0160-y

Cited by 76 publications

(67 citation statements)

References 34 publications

(45 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…They provide an appropriate picture of different ways for compromising a target by exploiting a sequence of vulnerabilities. The attack tree tackles the state space explosion problem, which is present in the graph, and consequently addresses the problem of visualization complexity [16]. In this paper, we use the AttackDefense Tree which consists of two types of actions: attacker action and defender action.…”

Section: Attack-defense Treementioning

confidence: 99%

Dynamic Optimal Countermeasure Selection for Intrusion Response System

Shameli‐Sendi

Louafi

et al. 2018

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

Abstract-Designing an efficient defense framework is challenging with respect to a network's complexity, widespread sophisticated attacks, attackers' ability, and the diversity of security appliances. The Intrusion Response System (IRS) is intended to respond automatically to incidents by attuning the attack damage and countermeasure costs. The existing approaches inherit some limitations, such as using static countermeasure effectiveness, static countermeasure deployment cost, or neglecting the countermeasures' negative impact on service quality (QoS). These limitations may lead the IRS to select inappropriate countermeasures and deployment locations, which in turn may reduce network performance and disconnect legitimate users. In this paper, we propose a dynamic defense framework that selects an optimal countermeasure against different attack damage costs. To measure the attack damage cost, we propose a novel defense-centric model based on a service dependency graph. To select the optimal countermeasure dynamically, we formulate the problem at hand using a multi-objective optimization concept that maximizes the security benefit, minimizes the negative impact on users and services, and minimizes the security deployment cost with respect to the attack damage cost.

show abstract

Section: Attack-defense Treementioning

confidence: 99%

Dynamic Optimal Countermeasure Selection for Intrusion Response System

Shameli‐Sendi

Louafi

et al. 2018

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

show abstract

“…Another analysis that will be useful for addressing aspects of cascading failures is optimal security hardening [20]. In order to protect a system from cyber breaches, all known weaknesses in a system needs to be hardened.…”

Section: Cascading Failuresmentioning

confidence: 99%

Towards a network-of-networks framework for cyber security

Halappanavar

Choudhury

Hogan

et al. 2013

2013 IEEE International Conference on Intelligence and Security Informatics

Self Cite

View full text Add to dashboard Cite

Networks-of-networks (NoN) is a graph-theoretic model of interdependent networks that have distinct dynamics at each network (layer). By adding special edges to represent relationships between nodes in different layers, NoN provides a unified mechanism to study interdependent systems intertwined in a complex relationship. While NoN based models have been proposed for cyber-physical systems, in this position paper we build towards a three-layered NoN model for an enterprise cyber system. Each layer captures a different facet of a cyber system. We present in-depth discussion for four major graphtheoretic applications to demonstrate how the three-layered NoN model can be leveraged for continuous system monitoring and mission assurance.

show abstract

“…A localized approach could target specific groups that are known to have higher propagation probabilities or more frequent contact with infected. A global static approach could be too costly due to number of nodes in the network [14]. A dynamic solution that examines edges could be beneficial in calculating the optimal solution [16].…”

Section: Related Workmentioning

confidence: 99%

“…This limitation causes a cost-benefit solution for which choices must be made in order to create an outcome that is favorable to the network administrators. Giving system administrators a variety of implementations allows them to choose the best option, or possible combinations of near optimal solutions, for their system [14].…”

mentioning

confidence: 99%