Heuristic Approach for Countermeasure Selection Using Attack Graphs.

Orly Stan, Ron Bitton, Michal Ezrets, Moran Dadon, Masaki Inokuchi, Yoshinobu Ohta, Tomohiko Yagyu, Yuval Elovici, Asaf Shabtai

Research output: Contribution to conferencePaperpeer-review


Selecting the optimal set of countermeasures to secure a network is a challenging task, since it involves various considerations and trade-offs, such as prioritizing the risks to mitigate given the mitigation costs. Previously suggested approaches are based on limited and largely manual risk assessment procedures, provide recommendations for a specific event, or don’t consider the organization’s constraints (e.g., limited budget). In this paper, we present an improved attack graph-based risk assessment process and apply heuristic search to select an optimal countermeasure plan for a given network and budget. The risk assessment process represents the risk in the system in such a way that incorporates the quantitative risk factors and relevant countermeasures; this allows us to assess the risk in the system under different countermeasure plans during the search, without the need to regenerate the attack graph. We also provide a detailed description of countermeasure modeling and discuss how the countermeasures can be automatically matched to the security issues discovered in the network.
Original languageEnglish GB
Number of pages16
StatePublished - 2021
Event2021 IEEE 34th Computer Security Foundations Symposium (CSF) -
Duration: 21 Jun 202125 Jun 2021


Conference2021 IEEE 34th Computer Security Foundations Symposium (CSF)


Dive into the research topics of 'Heuristic Approach for Countermeasure Selection Using Attack Graphs.'. Together they form a unique fingerprint.

Cite this