Combining Technical and Financial Impacts for Countermeasure Selection
Open Access
- 13 October 2014
- journal article
- Published by Open Publishing Association in Electronic Proceedings in Theoretical Computer Science
- Vol. 165, 1-14
- https://doi.org/10.4204/eptcs.165.1
Abstract
International audienceResearch in information security has generally focused on providing a comprehensive interpretation of threats, vulnerabilities, and attacks, in particular to evaluate their danger and prioritize responses accordingly. Most of the current approaches propose advanced techniques to detect intrusions and complex attacks but few of these approaches propose well defined methodologies to react against a given attack. In this paper, we propose a novel and systematic method to select security countermeasures from a pool of candidates, by ranking them based on the technical and financial impact associated to each alternative. The method includes industrial evaluation and simulations of the impact associated to a given security measure which allows to compute the return on response investment for different candidates. A simple case study is proposed at the end of the paper to show the applicability of the modeThis publication has 7 references indexed in Scilit:
- RORI-based countermeasure selection using the OrBAC formalismInternational Journal of Information Security, 2013
- Network vulnerability to single, multiple, and probabilistic physical attacksPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2010
- A Service Dependency Model for Cost-Sensitive Intrusion ResponseLecture Notes in Computer Science, 2010
- Combined Attacks and CountermeasuresLecture Notes in Computer Science, 2010
- Enabling automated threat response through the use of a dynamic security policyJournal of Computer Virology and Hacking Techniques, 2007
- Return On Security Investment (ROSI) A Practical Quantitative ModelPublished by INSTICC ,2005
- Return on Investment Analysis for E‐business ProjectsPublished by Wiley ,2004