CyMRisk: An approach for computing mission risk due to cyber attacks

Llansó, Thomas; Klatt, E.

doi:10.1109/syscon.2014.6819227

Cited by 10 publications

(6 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A metric of performance for a system with N 0 cyber components. In general, the metric of performance will be specific to the purpose of the particular cyber system and any physical system that it enables [6,[26][27][28], but it is also possible to consider a generic metric of performance determined by the state of the cyber system [6].…”

Section: Systems With Only Two Possible Statesmentioning

confidence: 99%

Population processes in cyber system variability

Mangel

Brown

2022

PLoS ONE

View full text Add to dashboard Cite

Variability is inherent to cyber systems. Here, we introduce ideas from stochastic population biology to describe the properties of two broad kinds of cyber systems. First, we assume that each of N0 components can be in only one of two states: functional or nonfunctional. We model this situation as a Markov process that describes the transitions between functional and nonfunctional states. We derive an equation for the probability that an individual cyber component is functional and use stochastic simulation to develop intuition about the dynamics of individual cyber components. We introduce a metric of performance of the system of N0 components that depends on the numbers of functional and nonfunctional components. We numerically solve the forward Kolmogorov (or Fokker–Planck) equation for the number of functional components at time t, given the initial number of functional components. We derive a Gaussian approximation for the solution of the forward equation so that the properties of the system with many components can be determined from the transition probabilities of an individual component, allowing scaling to very large systems. Second, we consider the situation in which the operating system (OS) of cyber components is updated in time. We motivate the question of OS in use as a function of the most recent OS release with data from a network of desktop computers. We begin the analysis by specifying a temporal schedule of OS updates and the probability of transitioning from the current OS to a more recent one. We use a stochastic simulation to capture the pattern of the motivating data, and derive the forward equation for the OS of an individual computer at any time. We then include compromise of OSs to compute that a cyber component has an unexploited OS at any time. We conclude that an interdisciplinary approach to the variability of cyber systems can shed new light on the properties of those systems and offers new and exciting ways to understand them.

show abstract

Section: Systems With Only Two Possible Statesmentioning

confidence: 99%

Population processes in cyber system variability

Mangel

Brown

2022

PLoS ONE

View full text Add to dashboard Cite

show abstract

“…BluGen does not prescribe how raw criticality scores are derived; the scores could be assigned by SMEs or they could come about from running a mission performance model that can model cyber effects and automatically determine related mission impacts, e.g., [34]. The former would typically provide scores along an ordinal scale, while the latter would typically provide scores along a ratio scale based on mission performance metrics.…”

Section: Environment Modelmentioning

confidence: 99%

“…In addition, such assessments are time consuming and subject to the effects of SME-bias in assigning scores along ordinal scales. While some progress has been made in automating impact scoring, e.g., [33] and [34], approaches to automating attack likelihood scoring remain in their infancy. Furthermore, there is thus far no clear-cut automation path that leads from attackcentric risk assessment to mitigation analysis.…”

mentioning

confidence: 99%

BluGen: An Analytic Framework for Mission-Cyber Risk Assessment and Mitigation Recommendation

Llansó

McNeil

Pearson

et al. 2017

Proceedings of the 50th Hawaii International Conference on System Sciences (2017)

Self Cite

View full text Add to dashboard Cite

show abstract

“…While progress is being made on augmenting or replacing SMEs for scoring cyber attack impact on mission/business in mission-cyber risk assessments [6] [7], the community is not as far along in scoring likelihood, and, in particular, the LOE component of likelihood. The rest of this paper focuses on the LOE component.…”

Section: Figure 1 -Sample Mission-cyber Risk Assessment Plotmentioning

confidence: 99%

An approach for estimating cyber attack level of effort

Llansó

Dwivedi

Smeltzer

2015

2015 Annual IEEE Systems Conference (SysCon) Proceedings

Self Cite

View full text Add to dashboard Cite

Timely risk assessments allow organizations to gauge the degree to which cyber attacks threaten their mission/business objectives. Risk plots in such assessments typically include cyber attack likelihood values along with the impact. This paper describes an algorithm and an associated model that allow for estimation of one aspect of cyber attack likelihood, attack level of effort. The approach involves the use of an ordinal set of standardized attacker tiers, associated attacker capabilities, and protections (security controls) required to resist those capabilities.

show abstract

CyMRisk: An approach for computing mission risk due to cyber attacks

Cited by 10 publications

References 7 publications

Population processes in cyber system variability

Population processes in cyber system variability

BluGen: An Analytic Framework for Mission-Cyber Risk Assessment and Mitigation Recommendation

An approach for estimating cyber attack level of effort

Contact Info

Product

Resources

About