Reference : Fast and optimal countermeasure selection for attack defence trees
Scientific congresses, symposiums and conference proceedings : Paper published in a journal
Engineering, computing & technology : Computer science
Security, Reliability and Trust
Fast and optimal countermeasure selection for attack defence trees
Muller, Steve mailto [[University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC) >]
Harpes, Carlo mailto [itrust consulting s.à r.l., Niederanven, Luxembourg]
Muller, Cédric [itrust consulting s.à r.l., Niederanven, Luxembourg]
Lecture Notes in Computer Science
10224 LNCS
4th International Workshop on Risk Assessment and Risk Driven Quality Assurance, RISK 2016 held in conjunction with 28th International Conference on Testing Software and Systems, ICTSS 2016
18 October 2016 through 18 October 2016
[en] Attack-defence tree ; Branch and bound algorithm ; Optimal defences ; Return On Security Investment ; Risk treatment optimisation ; Branch and bound method ; Forestry ; Optimization ; Quality assurance ; Risk management ; Risk perception ; Software testing ; Trees (mathematics) ; Branch-and-bound algorithms ; Optimisations ; Security investments ; Risk assessment
[en] Risk treatment is an important part of risk management, and deals with the question which security controls shall be implemented in order to mitigate risk. Indeed, most notably when the mitigated risk is low, the costs engendered by the implementation of a security control may exceed its benefits. The question becomes particularly interesting if there are several countermeasures to choose from. A promising candidate for modeling the effect of defensive mechanisms on a risk scenario are attack–defence trees. Such trees allow one to compute the risk of a scenario before and after the implementation of a security control, and thus to weigh its benefits against its costs. A naive approach for finding an optimal set of security controls is to try out all possible combinations. However, such a procedure quickly reaches its limits already for a small number of defences. This paper presents a novel branch-and-bound algorithm, which skips a large part of the combinations that cannot lead to an optimal solution. The performance is thereby increased by several orders of magnitude compared to the pure brute–force version. © 2017, Springer International Publishing AG.
10239425, FNR, Fonds National de la Recherche Luxembourg

File(s) associated to this reference

Fulltext file(s):

Limited access
authors_copy.pdfAuthor preprint280.9 kBRequest a copy

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.