Quantitative evaluation of attack/defense scenarios through Decision Network modelling and analysis

Author

Codetta-Raiteri, Daniele ; Portinale, Luigi ; Terruggia, Roberta

Author_Institution

DiSIT, Univ. of Piemonte Orientale, Alessandria, Italy

fYear

2014

fDate

13-16 Oct. 2014

Firstpage

1

Lastpage

6

Abstract

We exploit Decision Networks (DN) for the analysis of attack/defense scenarios. DN extend both the modeling and the analysis capabilities of formalisms based on Attack Trees, which are the main reference model in such a context. In particular, DN can naturally address uncertainty at every level, including the interaction level of attacks and countermeasures, making possible the modeling of situations which are not limited to Boolean combinations of events. Furthermore, inference algorithms can be exploited for a probabilistic analysis with the goal of assessing the risk and the importance of the attacks (with respect to specific sets of countermeasures), and selecting the optimal set (with respect to a specific objective function) of countermeasures to activate.

Keywords

Bayes methods; SCADA systems; inference mechanisms; security of data; Boolean combinations; SCADA; address uncertainty; attack-defense trees; decision network analysis; decision network modelling; inference algorithms; probabilistic analysis; quantitative evaluation; Analytical models; Barium; Bismuth; Computational modeling; Web servers; Xenon; Attack-Defense Trees; Decision Networks; SCADA; importance measures; return on investment; risk;

fLanguage

English

Publisher

ieee

Conference_Titel

Security Technology (ICCST), 2014 International Carnahan Conference on

Conference_Location

Rome

Print_ISBN

978-1-4799-3530-7

Type

conf

DOI

10.1109/CCST.2014.6987040

Filename

6987040