Title :
A Cyber Attack Modeling and Impact Assessment framework
Author :
Kotenko, Igor ; Chechulin, Andrey
Author_Institution :
Lab. of Comput. Security Problems, St. Petersburg Inst. for Inf. & Autom., St. Petersburg, Russia
Abstract :
The paper suggests a framework for cyber attack modeling and impact assessment. It is supposed that the common approach to attack modeling and impact assessment is based on representing malefactors´ behavior, generating attack graphs, calculating security metrics and providing risk analysis procedures. The main aspects outlined are achieving near-real time mode, event analysis and prognosis mechanisms, security and impact assessment. To optimize the attack graph generation and security evaluation we apply an anytime approach to have the result at any time by applying a set of algorithms with different timelines and precision. The architecture of the Cyber Attack Modeling and Impact Assessment Component (CAMIAC) is proposed. We present the prototype of the component, the results of experiments carried out, and comparative analysis of the techniques used.
Keywords :
computer network security; graph theory; risk analysis; CAMIAC architecture; attack graph generation; cyber attack modeling and impact assessment component architecture; event analysis; malefactor behavior representation; near-real time mode; prognosis mechanisms; risk analysis procedures; security assessment; security evaluation; security metrics; Algorithm design and analysis; Analytical models; Computational modeling; Measurement; Prototypes; Real-time systems; Security; anytime algorithms; attack graphs; attack modeling; impact assessment; security metrics;
Conference_Titel :
Cyber Conflict (CyCon), 2013 5th International Conference on
Conference_Location :
Tallinn
Print_ISBN :
978-1-4799-0450-1
