Security and Privacy in Communication Networks. 11th International Conference, SecureComm 2015, Dallas, TX, USA, October 26-29, 2015, Revised Selected Papers

Research Article

Using a 3D Geometrical Model to Improve Accuracy in the Evaluation and Selection of Countermeasures Against Complex Cyber Attacks

Download
263 downloads
  • @INPROCEEDINGS{10.1007/978-3-319-28865-9_29,
        author={Gustavo Granadillo and Joaquin Garcia-Alfaro and Herv\^{e} Debar},
        title={Using a 3D Geometrical Model to Improve Accuracy in the Evaluation and Selection of Countermeasures Against Complex Cyber Attacks},
        proceedings={Security and Privacy in Communication Networks. 11th International Conference, SecureComm 2015, Dallas, TX, USA, October 26-29, 2015, Revised Selected Papers},
        proceedings_a={SECURECOMM},
        year={2016},
        month={2},
        keywords={Countermeasure selection Geometrical volume Security impact CARVER Response actions},
        doi={10.1007/978-3-319-28865-9_29}
    }
    
  • Gustavo Granadillo
    Joaquin Garcia-Alfaro
    Hervé Debar
    Year: 2016
    Using a 3D Geometrical Model to Improve Accuracy in the Evaluation and Selection of Countermeasures Against Complex Cyber Attacks
    SECURECOMM
    Springer
    DOI: 10.1007/978-3-319-28865-9_29
Gustavo Granadillo1,*, Joaquin Garcia-Alfaro1,*, Hervé Debar1,*
  • 1: Telecom Sudparis, SAMOVAR UMR 5157
*Contact email: gustavo.gonzalez_granadillo@telecom-sudparis.eu, joaquin.garcia_alfaro@telecom-sudparis.eu, herve.debar@telecom-sudparis.eu

Abstract

The selection of security countermeasures against current cyber attacks does not generally perform appropriate assessments of the attack and countermeasure impact over the system. In addition, the methodologies used to evaluate and select countermeasures are generally based on assumptions, estimations, and expert knowledge. A great level of subjectivity is considered while estimating parameters such as benefits and importance of the investment in cost sensitive models. We propose in this paper a decision support tool that uses a Return On Response Investment (RORI) metric, and a 3D geometrical model to simulate the impact of attacks and countermeasures on the system. The former is a cost sensitive model used to evaluate, rank and select security countermeasures against complex cyber attacks. The latter, is a tool that represents the impact of attacks and countermeasures in a three dimensional coordinate system. As a result, we are able to automatically select mitigation strategies addressing multiple and complex cyber attacks, that are efficient in stopping the attack and preserve, at the same time, the best service to legitimate users. The implementation of the tool and main results are detailed at the end of the paper to show the applicability of our model.