Abstract
The selection of security countermeasures against current cyber attacks does not generally perform appropriate assessments of the attack and countermeasure impact over the system. In addition, the methodologies used to evaluate and select countermeasures are generally based on assumptions, estimations, and expert knowledge. A great level of subjectivity is considered while estimating parameters such as benefits and importance of the investment in cost sensitive models. We propose in this paper a decision support tool that uses a Return On Response Investment (RORI) metric, and a 3D geometrical model to simulate the impact of attacks and countermeasures on the system. The former is a cost sensitive model used to evaluate, rank and select security countermeasures against complex cyber attacks. The latter, is a tool that represents the impact of attacks and countermeasures in a three dimensional coordinate system. As a result, we are able to automatically select mitigation strategies addressing multiple and complex cyber attacks, that are efficient in stopping the attack and preserve, at the same time, the best service to legitimate users. The implementation of the tool and main results are detailed at the end of the paper to show the applicability of our model.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Agarwal, P., Efrat, A., Ganjugunte, S., Hay, D., Sankararaman, S., Zussman, G.: Network vulnerability to single, multiple and probabilistic physical attacks. In: Military Communications Conference (2010)
Consulting, L.: A Guide for Government Agencies Calculating ROSI. Technical report (2004). http://lockstep.com.au/library/return_on_investment
Fan, J., Gierlichs, B., Vercauteren, F.: To infinity and beyond: combined attack on ECC using points of low order. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 143–159. Springer, Heidelberg (2011)
Fisher, D.: Microsoft releases attack surface analizer tool (2012). http://threatpost.com/en_us/blogs/microsoft-releases-attack-surface-analyzer-tool-080612
Granadillo, G.G., Belhaouane, M., Debar, H., Jacob, G.: RORI-based countermeasure selection using the orbac formalism. International Journal of Information Security 13(1), 63–79 (2014)
Howard, M., Wing, J.: Measuring relative attack surfaces. In: Computer Security in the 21st Century, pp. 109–137 (2005)
Kalam, A.A.E., Baida, R.E., Balbiani, P., Benferhat, S., Cuppens, F., Deswarte, Y., Miege, A., Saurel, C., Trouessin, G.: Organization based access control. In: 8th International Workshop on Policies for Distributed Systems and Networks (2003)
Kheir, N., Cuppens-Boulahia, N., Cuppens, F., Debar, H.: A service dependency model for cost-sensitive intrusion response. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 626–642. Springer, Heidelberg (2010)
Li, N., Tripunitara, M.: Security analysis in role-based access control. ACM Transactions on Information and System Security 9(4), 391–420 (2006)
Manadhata, P., Wing, J.: An attack surface metric. In: IEEE Transactions on Software Engineering (2010)
Northcutt, S.: The attack surface problem. In: SANS technology Institute Document (2011). http://www.sans.edu/research/security-laboratory/article/did-attack-surface
F. of American Scientists: Special operations forces intelligence and electronic warfare operations. Appendix D: Target Analysis Process (1991). http://www.fas.org/irp/doddir/army/fm34-36/appd.htm
Petajasoja, S., Kortti, H., Takanen, A., Tirila, J.: Ims threat and attack surface analysis using common vulnerability scoring system. In: 35th IEEE Annual Computer Software and Applications Conference Workshops (2011)
Sonnenreich, W., Albanese, J., Stout, B.: Return On Security Investment (rosi) - A Practical Quantitative Model. Journal of Research and Practice in Information Technology 38(1) (2006)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Granadillo, G.G., Garcia-Alfaro, J., Debar, H. (2015). Using a 3D Geometrical Model to Improve Accuracy in the Evaluation and Selection of Countermeasures Against Complex Cyber Attacks. In: Thuraisingham, B., Wang, X., Yegneswaran, V. (eds) Security and Privacy in Communication Networks. SecureComm 2015. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 164. Springer, Cham. https://doi.org/10.1007/978-3-319-28865-9_29
Download citation
DOI: https://doi.org/10.1007/978-3-319-28865-9_29
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-28864-2
Online ISBN: 978-3-319-28865-9
eBook Packages: Computer ScienceComputer Science (R0)