Paper published in a journal (Colloquia, congresses, scientific conferences and proceedings)
Fast and optimal countermeasure selection for attack defence trees
MULLER, Steve; Harpes, Carlo; Muller, Cédric
2017, in Lecture Notes in Computer Science, 10224 LNCS, p. 53-65
Peer reviewed
 




Details



Keywords:
Attack-defence tree; Branch and bound algorithm; Optimal defences; Return On Security Investment; Risk treatment optimisation; Branch and bound method; Forestry; Optimization; Quality assurance; Risk management; Risk perception; Software testing; Trees (mathematics); Branch-and-bound algorithms; Optimisations; Security investments; Risk assessment
Abstract:
Risk treatment is an important part of risk management, and deals with the question of which security controls shall be implemented in order to mitigate risk. Indeed, most notably when the mitigated risk is low, the costs engendered by the implementation of a security control may exceed its benefits. The question becomes particularly interesting if there are several countermeasures to choose from. Attack–defence trees are a promising candidate for modeling the effect of defensive mechanisms on a risk scenario. Such trees allow one to compute the risk of a scenario before and after the implementation of a security control, and thus to weigh its benefits against its costs. A naive approach for finding an optimal set of security controls is to try out all possible combinations. However, such a procedure quickly reaches its limits even for a small number of defences. This paper presents a novel branch-and-bound algorithm, which skips a large part of the combinations that cannot lead to an optimal solution. The performance is thereby increased by several orders of magnitude compared to the pure brute-force version. © 2017, Springer International Publishing AG.
Disciplines:
Computer science
Identifiers:
eid=2-s2.0-85018429810
Author, co-author:
MULLER, Steve; University of Luxembourg > Faculty of Science, Technology and Communication (FSTC) > Computer Science and Communications Research Unit (CSC)
Harpes, Carlo;  itrust consulting s.à r.l., Niederanven, Luxembourg
Muller, Cédric;  itrust consulting s.à r.l., Niederanven, Luxembourg
External co-authors:
no
Document language:
English
Title:
Fast and optimal countermeasure selection for attack defence trees
Publication date:
2017
Event name:
4th International Workshop on Risk Assessment and Risk Driven Quality Assurance, RISK 2016 held in conjunction with 28th International Conference on Testing Software and Systems, ICTSS 2016
Event date:
18 October 2016 through 18 October 2016
Event scope:
International
Journal title:
Lecture Notes in Computer Science
ISSN:
0302-9743
eISSN:
1611-3349
Publisher:
Springer
Volume:
10224 LNCS
Pages:
53-65
Peer reviewed:
Peer reviewed
Focus Area:
Security, Reliability and Trust
Funding body:
10239425, FNR, Fonds National de la Recherche Luxembourg
Comment:
191379 9783319578576
Available on ORBilu:
since 01 December 2017

Statistics

Number of views
179 (including 7 Unilu)
Number of downloads
3 (including 3 Unilu)

Scopus® citations: 1
Scopus® citations without self-citations: 1
OpenCitations: 0
OpenAlex citations: 2
WoS citations: 0
