Title :
Threat risk analysis for cloud security based on Attack-Defense Trees
Author :
Wang, Ping ; Lin, Wen-Hui ; Kuo, Pu-Tsun ; Lin, Hui-Tang ; Wang, Tzu Chia
Author_Institution :
Dept. of Inf. Manage., Kun Shan Univ., Tainan, Taiwan
Abstract :
Existing attack tree and attack graph schemes focus on depicting possible intrusions by presenting the suspected attack profiles, not on the interactions between threats and defenses. Consequently, this limits the adoption of safeguards with which to select effective defensive strategies. Accordingly, the present study proposes a new method for solving the threat risk analysis problem by means of modified Attack-Defense Trees (ADT) that consider the effect of both the attack cost and the defense cost. The effectiveness of the proposed approach was evaluated with a set of metrics for mitigating new network threats, such as APT attacks. In addition, an illustrative case of threat risk analysis for cloud security is given to demonstrate our approach. Finally, the adaptability of the proposed scheme is investigated by comparing its attributes with those of the scheme presented by Edge et al. (2007). Overall, our approach provides an effective means of reconstructing attack profiles and evaluating countermeasures in the evolutionary process of security management for cloud security.
Keywords :
cloud computing; graph theory; risk analysis; security of data; ADT; APT attacks; attack cost; attack graphs; attack-defense trees; cloud security; defense cost; security management; suspected attack profiles; threat risk analysis; Analytical models; Computational modeling; Fault trees; Security; ADT; Attack profile; Attack-Defense Trees; Cloud security; Threat risk analysis;
Conference_Title :
Computing Technology and Information Management (ICCM), 2012 8th International Conference on
Conference_Location :
Seoul
Print_ISBN :
978-1-4673-0893-9