Published: October 12, 2015
Author(s)
Xiaoyan Sun (Penn State University), Anoop Singhal (NIST), Peng Liu (Penn State University)
Conference
Name: 2015 Workshop on Automated Decision Making for Active Cyber Defense (SafeConfig '15)
Dates: October 12, 2015
Location: Denver, Colorado, United States
Citation: Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense (SafeConfig '15), pp. 21-26
Announcement
Cyber attacks inevitably generate impacts towards relevant missions. However, concrete methods to accurately evaluate such impacts are rare. In this paper, we propose a probabilistic approach based on Bayesian networks for quantitative mission impact assessment. A System Object Dependency Graph (SODG) is first built to capture the intrusion propagation process at the low operating system level. On top of the SODG, a mission-task-asset (MTA) map can be established to associate the system objects with corresponding tasks and missions. Based on the MTA map, a Bayesian network can be constructed to leverage the collected intrusion evidence and infer the probabilities of tasks and missions being tainted. This approach is promising for effective quantitative mission impact assessment.
Keywords
attack graphs; Bayesian networks; mission impact assessment; System Object Dependency Graph
Control Families
None selected