BluGen: An Analytic Framework for Mission-Cyber  Risk Assessment and Mitigation Recommendation

Llansó, Thomas; McNeil, Martha; Pearson, Dallas; Moore, George C.

doi:10.24251/hicss.2017.724

Cited by 5 publications

(4 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A metric of performance for a system with N 0 cyber components. In general, the metric of performance will be specific to the purpose of the particular cyber system and any physical system that it enables [6,[26][27][28], but it is also possible to consider a generic metric of performance determined by the state of the cyber system [6].…”

Section: Systems With Only Two Possible Statesmentioning

confidence: 99%

Population processes in cyber system variability

Mangel

Brown

2022

PLoS ONE

View full text Add to dashboard Cite

Variability is inherent to cyber systems. Here, we introduce ideas from stochastic population biology to describe the properties of two broad kinds of cyber systems. First, we assume that each of N0 components can be in only one of two states: functional or nonfunctional. We model this situation as a Markov process that describes the transitions between functional and nonfunctional states. We derive an equation for the probability that an individual cyber component is functional and use stochastic simulation to develop intuition about the dynamics of individual cyber components. We introduce a metric of performance of the system of N0 components that depends on the numbers of functional and nonfunctional components. We numerically solve the forward Kolmogorov (or Fokker–Planck) equation for the number of functional components at time t, given the initial number of functional components. We derive a Gaussian approximation for the solution of the forward equation so that the properties of the system with many components can be determined from the transition probabilities of an individual component, allowing scaling to very large systems. Second, we consider the situation in which the operating system (OS) of cyber components is updated in time. We motivate the question of OS in use as a function of the most recent OS release with data from a network of desktop computers. We begin the analysis by specifying a temporal schedule of OS updates and the probability of transitioning from the current OS to a more recent one. We use a stochastic simulation to capture the pattern of the motivating data, and derive the forward equation for the OS of an individual computer at any time. We then include compromise of OSs to compute that a cyber component has an unexploited OS at any time. We conclude that an interdisciplinary approach to the variability of cyber systems can shed new light on the properties of those systems and offers new and exciting ways to understand them.

show abstract

Section: Systems With Only Two Possible Statesmentioning

confidence: 99%

Population processes in cyber system variability

Mangel

Brown

2022

PLoS ONE

View full text Add to dashboard Cite

show abstract

“…Another interesting finding is that 12.5% of the publications use requirements to frame their problem statements. For instance, Llansó et al (2017) guide their design process with a list of nine requirements. We believe that the usage of requirements is unique to design science in comparison to behavioral science.…”

Section: Research Question Constructionmentioning

confidence: 99%

Construction of Design Science Research Questions

Thuan¹,

Drechsler²,

Antunes³

2019

CAIS

View full text Add to dashboard Cite

This is a PDF file of an unedited manuscript that has been accepted for publication in the Communications of the Association for Information Systems. We are providing this early version of the manuscript to allow for expedited dissemination to interested readers. The manuscript will undergo copyediting, typesetting, and review of the resulting proof before it is published in its final form. Please note that during the production process errors may be discovered, which could affect the content. All legal disclaimers that apply to the Communications of the Association for Information Systems pertain.

show abstract

“…This paper examines defensive solution selection in the context of a capability-based representation for cyber threats and mitigations to those threats [5][39] [40]. We define a capability as the ability to contribute in some way to the attack or defense of a target system and a defensive solution as a coordinated set of defensive capabilities.…”

Section: Capability-based Representationmentioning

confidence: 99%

“…A key method for prioritizing mitigations is to assess the business/mission risks that an organization faces due to the anticipated cyber threat. A number of risk assessment methods are available (e.g., [5]- [12]) that can assist system security engineers (SSEs) in identifying risks in a particular environment. In addition to risk, the SSE must also consider other criteria when making mitigation decisions.…”

Section: Introductionmentioning

confidence: 99%

Multi-Criteria Selection of Capability-Based Cybersecurity Solutions

Llansó¹,

McNeil²,

Noteboom³

2019

Proceedings of the Annual Hawaii International Conference on System Sciences

Self Cite

View full text Add to dashboard Cite

Given the increasing frequency and severity of cyber attacks on information systems of all kinds, there is interest in rationalized approaches for selecting the "best" set of cybersecurity mitigations. However, what is best for one target environment is not necessarily best for another. This paper examines an approach to selection that uses a set of weighted criteria, where the security engineer sets the weights based on organizational priorities and constraints. The approach is based on a capability-based representation for cybersecurity mitigations. The paper discusses a group of artifacts that compose the approach through the lens of Design Science research and reports performance results of an instantiation artifact.

show abstract

BluGen: An Analytic Framework for Mission-Cyber Risk Assessment and Mitigation Recommendation

Abstract: Abstract

Cited by 5 publications

References 14 publications

Population processes in cyber system variability

Population processes in cyber system variability

Construction of Design Science Research Questions

Multi-Criteria Selection of Capability-Based Cybersecurity Solutions

Contact Info

Product

Resources

About