A defense-centric model for multi-step attack damage cost evaluation

Shameli-Sendi, Alireza, Louafi, Habib, He, Wenbo et Cheriet, Mohamed. 2015. « A defense-centric model for multi-step attack damage cost evaluation ». In 2015 3rd International Conference on Future Internet of Things and Cloud (FiCloud) (Rome, Italy, Aug. 24-26, 2015) pp. 145-149. IEEE.
Compte des citations dans Scopus : 1.

Preview

PDF Cheriet M. 2015 12253 A defense-centric model for multi-step.pdf - Accepted Version Use licence: All rights reserved to copyright holder. Download (2MB) | Preview

Abstract

Measuring the attack damage cost and monitoring the sequence of privilege escalations play a critical role in choosing the right countermeasure by Intrusion Response System (IRS). The existing attack damage cost evaluation approaches inherit some limitations, such as neglecting the dependencies between system assets, ignoring the backward damage of exploited non-goal services, or omitting the potential damage toward the goal service. In this paper, we propose a defense-centric model to calculate the damage cost of a multi-step attack. The main advantage of this model is providing an accurate damage cost by considering not only the damaged services (non-goal services) but also the potential damage toward the attacker target (goal service). To track the attacker's progress and find the attack path, an Attack-Defense Tree (ADT) is used. The model has been implemented in, but is not limited to, the cloud environment and tested with a multi-step attack scenario.

Item Type:	Conference proceeding
Professor:	Professor Cheriet, Mohamed
Affiliation:	Génie de la production automatisée
Date Deposited:	03 Feb 2016 20:40
Last Modified:	08 Mar 2016 17:00
URI:	https://espace2.etsmtl.ca/id/eprint/12253

Actions (login required)

View Item