Browse ORBilu by Open Access
- What it is and what it isn't
- Green Road / Gold Road?
- Ready to Publish. Now What?
- How can I support the OA movement?
- Where can I learn more?
ORBilu is a project developed by
   Search-based Test and Improvement of Machine-Learning-Based Anomaly Detection SystemsCordy, Maxime  ; ; Papadakis, Mike et alin ACM SIGSOFT International Symposium on Software Testing and Analysis (2019) Detailed reference viewed: 217 (8 UL) Bridging two worlds: Reconciling practical risk assessment methodologies with theory of attack treesGadyatskaya, Olga ; ; Mauw, Sjouke et alin Proc. of GraMSec (2016) Security risk treatment often requires a complex cost-benefit analysis to be carried out in order to select countermeasures that optimally reduce risks while having minimal costs. According to ISO/IEC ... [more ▼] Security risk treatment often requires a complex cost-benefit analysis to be carried out in order to select countermeasures that optimally reduce risks while having minimal costs. According to ISO/IEC 27001, risk treatment relies on catalogues of countermeasures, and the analysts are expected to estimate the residual risks. At the same time, recent advancements in attack tree theory provide elegant solutions to this optimization problem. In this short paper we propose to bridge the gap between these two worlds by introducing optimal countermeasure selection problem on attack-defense trees into the TRICK security risk assessment methodology. [less ▲] Detailed reference viewed: 176 (10 UL) |
||
