Title :
Combining Defense Graphs and Enterprise Architecture Models for Security Analysis
Author :
Sommestad, Teodor ; Ekstedt, Mathias ; Johnson, Pontus
Author_Institution :
Dept. of Ind. Inf. & Control Syst., R. Inst. of Technol., Stockholm
Abstract :
Security is dependent on a mixture of interrelated concepts such as technical countermeasures, organizational policies, security procedures, and more. To facilitate rational decision making, these concepts need to be combined into an overall judgment on the current security posture, as well as potential future ones. Decision makers are, however, faced with uncertainty regarding both what countermeasures that is in place, and how well different countermeasures contribute to mitigating attacks. This paper presents a security assessment framework using the Bayesian statistics-based extended influence diagrams to combine attack graphs with countermeasures into defense graphs. The approach makes it possible to calculate the probability that attacks succeed based on an enterprise architecture model. The framework also takes uncertainties of the security assessment into consideration. Moreover, using the extended influence diagram formalism the expected loss from each attack can be calculated.
Keywords :
Bayes methods; business data processing; decision making; security of data; Bayesian statistics; attack graphs; defense graphs; enterprise architecture models; extended influence diagrams; rational decision making; security analysis; security assessment framework; Bayesian methods; Data security; Decision making; Information security; Investments; Probability; Protection; Tree data structures; Tree graphs; Uncertainty;
Conference_Titel :
Enterprise Distributed Object Computing Conference, 2008. EDOC '08. 12th International IEEE
Conference_Location :
Munich
Print_ISBN :
978-0-7695-3373-5
DOI :
10.1109/EDOC.2008.37
