Selecting the optimal set of countermeasures to secure a network is a challenging task, since it involves various considerations and trade-offs, such as prioritizing the risks to mitigate given the mitigation costs. Previously suggested approaches are based on limited and largely manual risk assessment procedures, provide recommendations for a specific event, or don’t consider the organization’s constraints (e.g., limited budget). In this paper, we present an improved attack graph-based risk assessment process and apply heuristic search to select an optimal countermeasure plan for a given network and budget. The risk assessment process represents the risk in the system in a way that incorporates the quantitative risk factors and relevant countermeasures; this allows us to assess the risk in the system under different countermeasure plans during the search, without the need to regenerate the attack graph. We also provide a detailed description of countermeasure modeling and discuss how the countermeasures can be automatically matched to the security issues discovered in the network.
|Original language||English GB|
|Number of pages||16|
|State||Published - 2021|
|Event||2021 IEEE 34th Computer Security Foundations Symposium (CSF)|
|Duration||21 Jun 2021 → 25 Jun 2021|
|Conference||2021 IEEE 34th Computer Security Foundations Symposium (CSF)|
|Period||21/06/21 → 25/06/21|