2014 | OriginalPaper | Buchkapitel
On Security Countermeasures Ranking through Threat Analysis
verfasst von : Nicola Nostro, Ilaria Matteucci, Andrea Ceccarelli, Felicita Di Giandomenico, Fabio Martinelli, Andrea Bondavalli
Erschienen in: Computer Safety, Reliability, and Security
Verlag: Springer International Publishing
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
Security analysis and design are key activities for the protection of critical systems and infrastructures. Traditional approaches consist first in applying a qualitative threat assessment that identifies the attack points. Results are then used as input for the security design such that appropriate countermeasures are selected. In this paper we propose a novel approach for the selection and ranking of security controlling strategies which is driven by quantitative threat analysis based on attack graphs. It consists of two main steps: i) a threat analysis, performed to evaluate attack points and paths identifying those that are feasible, and to rank attack costs from the perspective of an attacker; ii) controlling strategies, to derive the appropriate monitoring rules and the selection of countermeasures are evaluated, based upon the provided values and ranks. Indeed, the exploitation of such threat analysis allows to compare different controlling strategies and to select the one that fits better the given set of functional and security requirements. To exemplify our approach, we adopt part of an electrical power system, the Customer Energy Management System (CEMS), as reference scenario where the steps of threat analysis and security strategies are applied.