Heuristic Approach for Countermeasure Selection Using Attack Graphs

Orly Stan, Ron Bitton, Michal Ezrets, Moran Dadon, Masaki Inokuchi, Yoshinobu Ohta, Tomohiko Yagyu, Yuval Elovici, Asaf Shabtai

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

15 Scopus citations

Abstract

Selecting the optimal set of countermeasures to secure a network is a challenging task, since it involves various considerations and trade-offs, such as prioritizing the risks to mitigate given the mitigation costs. Previously suggested approaches are based on limited and largely manual risk assessment procedures, provide recommendations for a specific event, or don't consider the organization's constraints (e.g., limited budget). In this paper, we present an improved attack graphbased risk assessment process and apply heuristic search to select an optimal countermeasure plan for a given network and budget. The risk assessment process represents the risk in the system in such a way that incorporates the quantitative risk factors and relevant countermeasures; this allows us to assess the risk in the system under different countermeasure plans during the search, without the need to regenerate the attack graph. We also provide a detailed description of countermeasure modeling and discuss how the countermeasures can be automatically matched to the security issues discovered in the network.

Original languageEnglish
Title of host publicationProceedings - 2021 IEEE 34th Computer Security Foundations Symposium, CSF 2021
PublisherInstitute of Electrical and Electronics Engineers
ISBN (Electronic)9781728176079
DOIs
StatePublished - 1 Jan 2021
Event34th IEEE Computer Security Foundations Symposium, CSF 2021 - Virtual, Online, Croatia
Duration: 21 Jun 202125 Jun 2021

Publication series

NameProceedings - IEEE Computer Security Foundations Symposium
Volume2021-June
ISSN (Print)1940-1434

Conference

Conference34th IEEE Computer Security Foundations Symposium, CSF 2021
Country/TerritoryCroatia
CityVirtual, Online
Period21/06/2125/06/21

Keywords

  • Attack Graphs
  • Countermeasure Planning

ASJC Scopus subject areas

  • General Engineering

Fingerprint

Dive into the research topics of 'Heuristic Approach for Countermeasure Selection Using Attack Graphs'. Together they form a unique fingerprint.

Cite this