• DocumentCode
    1261865
  • Title

    Dynamic Security Risk Management Using Bayesian Attack Graphs

  • Author

    Poolsappasit, Nayot ; Dewri, Rinku ; Ray, Indrajit

  • Author_Institution
    Dept. of Comput. Sci., Missouri Univ. of Sci. & Technol., Rolla, MO, USA
  • Volume
    9
  • Issue
    1
  • fYear
    2012
  • Firstpage
    61
  • Lastpage
    74
  • Abstract
    Security risk assessment and mitigation are two vital processes that need to be executed to maintain a productive IT infrastructure. On one hand, models such as attack graphs and attack trees have been proposed to assess the cause-consequence relationships between various network states, while on the other hand, different decision problems have been explored to identify the minimum-cost hardening measures. However, these risk models do not help reason about the causal dependencies between network states. Further, the optimization formulations ignore the issue of resource availability while analyzing a risk model. In this paper, we propose a risk management framework using Bayesian networks that enable a system administrator to quantify the chances of network compromise at various levels. We show how to use this information to develop a security mitigation and management plan. In contrast to other similar models, this risk model lends itself to dynamic analysis during the deployed phase of the network. A multiobjective optimization platform provides the administrator with all trade-off information required to make decisions in a resource constrained environment.
  • Keywords
    belief networks; information technology; optimisation; risk management; security of data; Bayesian attack graphs; Bayesian networks; IT infrastructure; administrator system; attack trees; dynamic security risk management; multiobjective optimization platform; resource constrained environment; security mitigation; Analytical models; Bayesian methods; Computational modeling; Computer crime; Computer hacking; Computer security; Risk management; Bayesian belief networks; Security risk assessment; attack graph; mitigation analysis
  • fLanguage
    English
  • Journal_Title
    Dependable and Secure Computing, IEEE Transactions on
  • Publisher
    IEEE
  • ISSN
    1545-5971
  • Type

    jour

  • DOI
    10.1109/TDSC.2011.34
  • Filename
    5936075