TY - GEN
T1 - Quantitative evaluation of attack/defense scenarios through Decision Network modelling and analysis
AU - Codetta-Raiteri, Daniele
AU - Portinale, Luigi
AU - Terruggia, Roberta
N1 - Publisher Copyright:
© 2014 IEEE.
PY - 2014/12/15
Y1 - 2014/12/15
N2 - We exploit Decision Networks (DN) for the analysis of attack/defense scenarios. DN extend both the modeling and the analysis capabilities of formalisms based on Attack Trees, which are the main reference model in such a context. In particular, DN can naturally address uncertainty at every level, including the interaction level of attacks and countermeasures, making possible the modeling of situations which are not limited to Boolean combinations of events. Furthermore, inference algorithms can be exploited for a probabilistic analysis with the goal of assessing the risk and the importance of the attacks (with respect to specific sets of countermeasures), and selecting the optimal set (with respect to a specific objective function) of countermeasures to activate.
AB - We exploit Decision Networks (DN) for the analysis of attack/defense scenarios. DN extend both the modeling and the analysis capabilities of formalisms based on Attack Trees, which are the main reference model in such a context. In particular, DN can naturally address uncertainty at every level, including the interaction level of attacks and countermeasures, making possible the modeling of situations which are not limited to Boolean combinations of events. Furthermore, inference algorithms can be exploited for a probabilistic analysis with the goal of assessing the risk and the importance of the attacks (with respect to specific sets of countermeasures), and selecting the optimal set (with respect to a specific objective function) of countermeasures to activate.
KW - Attack-Defense Trees
KW - Decision Networks
KW - SCADA
KW - importance measures
KW - return on investment
KW - risk
UR - http://www.scopus.com/inward/record.url?scp=84931059192&partnerID=8YFLogxK
U2 - 10.1109/CCST.2014.6987040
DO - 10.1109/CCST.2014.6987040
M3 - Conference contribution
AN - SCOPUS:84931059192
T3 - Proceedings - International Carnahan Conference on Security Technology
BT - Proceedings - 2014 International Carnahan Conference on Security Technology, ICCST 2014
A2 - Garzia, Fabio
A2 - Garzia, Fabio
A2 - Garzia, Fabio
A2 - Thomas, Gordon
A2 - Pritchard, Daniel A.
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 48th Annual IEEE International Carnahan Conference on Security Technology, ICCST 2014
Y2 - 13 October 2014 through 16 October 2014
ER -