
2016 | Original Paper | Book chapter

Countermeasure Selection Based on the Attack and Service Dependency Graphs for Security Incident Management

Authors: Elena Doynikova, Igor Kotenko

Published in: Risks and Security of Internet and Systems

Publisher: Springer International Publishing


Abstract

The paper proposes an approach to countermeasure selection based on quantitative risk metrics. It combines several techniques, which differ between the static and dynamic modes of operation of the security analysis and countermeasure selection component and depend on the input data available about the network security state. The approach relies on open standards for the unified specification of security data, uses attack graphs and service dependency graphs to compute the various security metrics, and takes into account events and information from security information and event management (SIEM) systems.
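As an added illustration (not the chapter's own code; the network topology, exploit probabilities, service impacts, countermeasure effectiveness values, costs and the benefit-minus-cost selection rule are all assumptions made here), the following Python shows how a component of this kind can derive a risk metric from an attack graph combined with a service dependency graph, and how a SIEM event reporting an already-compromised host (the dynamic mode) changes which countermeasure is selected compared with the static, pre-incident analysis.

```python
"""Risk-driven countermeasure selection over an attack graph and a service
dependency graph.  Added illustration, not the chapter's own code: the
topology, probabilities, impacts, costs and the selection rule are assumed."""

# Attack graph as a DAG: host -> [(reachable host, exploit success probability)].
# Edge probabilities are assumed (in practice derived from CVSS-style scores).
ATTACK_GRAPH = {
    "internet": [("web", 0.8)],
    "web": [("app", 0.6), ("db", 0.3)],
    "app": [("db", 0.7)],
    "db": [],
}

# Service dependency graph: service -> (hosting host, services it depends on).
SERVICE_DEPS = {
    "portal": ("web", ["orders"]),
    "orders": ("app", ["storage"]),
    "storage": ("db", []),
}

# Assumed business impact of each service being compromised (arbitrary units).
IMPACT = {"portal": 40.0, "orders": 70.0, "storage": 100.0}

# Candidate countermeasures (assumed): name -> (protected host, effectiveness, cost).
# Applying one scales every exploit edge into the host by (1 - effectiveness).
COUNTERMEASURES = {
    "patch_web": ("web", 0.9, 10.0),
    "harden_app": ("app", 0.8, 15.0),
    "segment_db": ("db", 0.7, 25.0),
}


def topological_order(graph):
    """Kahn's algorithm; raises if the attack graph contains a cycle."""
    indeg = {h: 0 for h in graph}
    for edges in graph.values():
        for dst, _ in edges:
            indeg[dst] += 1
    ready = [h for h, d in indeg.items() if d == 0]
    order = []
    while ready:
        h = ready.pop()
        order.append(h)
        for dst, _ in graph[h]:
            indeg[dst] -= 1
            if indeg[dst] == 0:
                ready.append(dst)
    if len(order) != len(graph):
        raise ValueError("attack graph must be acyclic")
    return order


def host_compromise_probabilities(graph, entry, compromised=frozenset()):
    """P(host compromised), assuming independent exploit attempts along each
    incoming edge.  Hosts the SIEM reports as compromised get probability 1."""
    prob = {h: 0.0 for h in graph}
    prob[entry] = 1.0
    for h in topological_order(graph):
        if h in compromised:
            prob[h] = 1.0
        for dst, p_exploit in graph[h]:
            # Accumulate 1 - prod(1 - P(src) * p_edge) over incoming edges.
            prob[dst] = 1.0 - (1.0 - prob[dst]) * (1.0 - prob[h] * p_exploit)
    return prob


def service_compromise_probabilities(host_prob):
    """P(service affected) = 1 - (1 - P(its host)) * prod(1 - P(dependency))."""
    memo = {}

    def prob(service):
        if service not in memo:
            host, deps = SERVICE_DEPS[service]
            safe = 1.0 - host_prob[host]
            for dep in deps:
                safe *= 1.0 - prob(dep)
            memo[service] = 1.0 - safe
        return memo[service]

    return {s: prob(s) for s in SERVICE_DEPS}


def total_risk(graph, compromised=frozenset()):
    """Risk metric: sum over services of P(affected) * impact."""
    hosts = host_compromise_probabilities(graph, "internet", compromised)
    svc = service_compromise_probabilities(hosts)
    return sum(svc[s] * IMPACT[s] for s in svc)


def apply_countermeasure(graph, host, effectiveness):
    """Return a copy of the attack graph with exploits into `host` weakened."""
    return {
        src: [(dst, p * (1.0 - effectiveness) if dst == host else p) for dst, p in edges]
        for src, edges in graph.items()
    }


def select_countermeasure(graph, compromised=frozenset()):
    """Pick the countermeasure with the largest (risk reduction - cost); None if
    nothing pays for itself.  Returns (name, net_benefit)."""
    baseline = total_risk(graph, compromised)
    best, best_net = None, 0.0
    for name, (host, eff, cost) in COUNTERMEASURES.items():
        net = baseline - total_risk(apply_countermeasure(graph, host, eff), compromised) - cost
        if net > best_net:
            best, best_net = name, net
    return best, best_net


if __name__ == "__main__":
    print("static mode: ", select_countermeasure(ATTACK_GRAPH))
    # Dynamic mode: a SIEM alert reports that "web" is already compromised, so
    # hardening its inbound exploits no longer reduces risk and the choice shifts.
    print("dynamic mode:", select_countermeasure(ATTACK_GRAPH, frozenset({"web"})))
```

In the static run the cheap web patch wins because it cuts off the whole attack path; once the SIEM reports the web host as compromised, the same patch has zero benefit and the selection moves to hardening the application tier, which is the kind of mode-dependent behaviour the abstract refers to. Real deployments would replace the assumed independence of exploit attempts and the flat benefit-minus-cost rule with whatever metric the organisation has validated.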


Metadata
Title
Countermeasure Selection Based on the Attack and Service Dependency Graphs for Security Incident Management
Authors
Elena Doynikova
Igor Kotenko
Copyright year
2016
DOI
https://doi.org/10.1007/978-3-319-31811-0_7