2012
DOI: 10.1007/s10207-012-0160-y
|View full text |Cite
|
Sign up to set email alerts
|

Optimal security hardening on attack tree models of networks: a cost-benefit analysis

Abstract: Researchers have previously looked into the problem of determining whether a given set of security hardening measures can effectively make a networked system secure. However, system administrators are often faced with a more challenging problem since they have to work within a fixed budget which may be less than the minimum cost of system hardening. An attacker, on the other hand, explores alternative attack scenarios to inflict the maximum damage possible when the security controls are in place, very often re… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1

Citation Types

0
67
0

Year Published

2013
2013
2023
2023

Publication Types

Select...
5
2
2

Relationship

1
8

Authors

Journals

citations
Cited by 76 publications
(67 citation statements)
references
References 34 publications
0
67
0
Order By: Relevance
“…They provide an appropriate picture of different ways for compromising a target by exploiting a sequence of vulnerabilities. The attack tree tackles the state space explosion problem, which is present in the graph, and consequently addresses the problem of visualization complexity [16]. In this paper, we use the AttackDefense Tree which consists of two types of actions: attacker action and defender action.…”
Section: Attack-defense Treementioning
confidence: 99%
“…They provide an appropriate picture of different ways for compromising a target by exploiting a sequence of vulnerabilities. The attack tree tackles the state space explosion problem, which is present in the graph, and consequently addresses the problem of visualization complexity [16]. In this paper, we use the AttackDefense Tree which consists of two types of actions: attacker action and defender action.…”
Section: Attack-defense Treementioning
confidence: 99%
“…Another analysis that will be useful for addressing aspects of cascading failures is optimal security hardening [20]. In order to protect a system from cyber breaches, all known weaknesses in a system needs to be hardened.…”
Section: Cascading Failuresmentioning
confidence: 99%
“…A localized approach could target specific groups that are known to have higher propagation probabilities or more frequent contact with infected. A global static approach could be too costly due to number of nodes in the network [14]. A dynamic solution that examines edges could be beneficial in calculating the optimal solution [16].…”
Section: Related Workmentioning
confidence: 99%
“…This limitation causes a cost-benefit solution for which choices must be made in order to create an outcome that is favorable to the network administrators. Giving system administrators a variety of implementations allows them to choose the best option, or possible combinations of near optimal solutions, for their system [14].…”
mentioning
confidence: 99%