Title :
Combination approach to select optimal countermeasures based on the RORI index
Author :
Granadillo, G.G. ; Jacob, Grasha ; Debar, Herve ; Coppolino, Luigi
Author_Institution :
Telecom SudParis, Evry, France
Abstract :
As new and more sophisticated computer attacks appear across the Internet, sometimes with unknown dimensions and criticality, the implementation of individual security solutions become less effective and in some cases useless. Instead, a combined approach is required to guarantee an appropriate and cost-effective mitigation of such attacks. Most of the current work suggests the deployment of multiple countermeasures as a single treatment to mitigate the effects of complex attacks. However, the methodology to analyze and evaluate combined solutions is either hardly explained or very complicated to implement. This paper, therefore proposes a simple and well-structured approach to select the optimal combination of countermeasures by maximizing the cost-effectiveness ratio of the countermeasures, this ratio being measured by the Return on Response Investment (RORI) index. A case study is provided at the end of the document to show the applicability of the model over a critical infrastructure process control.
Keywords :
Internet; security of data; Internet; RORI index; appropriate attack mitigation; combination approach; complex attack effect mitigation; computer attacks; cost-effective attack mitigation; cost-effectiveness ratio maximization; critical infrastructure process control; individual security solutions; optimal countermeasure selection; return-on-response investment index; Equations; Indexes; Integrated circuits; Investments; Mathematical model; Process control; Security;
Conference_Titel :
Innovative Computing Technology (INTECH), 2012 Second International Conference on
Conference_Location :
Casablanca
Print_ISBN :
978-1-4673-2678-0
DOI :
10.1109/INTECH.2012.6457801
