International Conference on Security and Privacy in Communication Networks. 10th International ICST Conference, SecureComm 2014, Beijing, China, September 24-26, 2014, Revised Selected Papers, Part I

Research Article

Coordination and Concurrency Aware Likelihood Assessment of Simultaneous Attacks

Download
305 downloads
  • @INPROCEEDINGS{10.1007/978-3-319-23829-6_37,
        author={L\^{e}a Samarji and Nora Cuppens-Boulahia and Fr\^{e}d\^{e}ric Cuppens and Serge Papillon and Wael Kanoun and Samuel Dubus},
        title={Coordination and Concurrency Aware Likelihood Assessment of Simultaneous Attacks},
        proceedings={International Conference on Security and Privacy in Communication Networks. 10th International ICST Conference, SecureComm 2014, Beijing, China, September 24-26, 2014, Revised Selected Papers, Part I},
        proceedings_a={SECURECOMM},
        year={2015},
        month={11},
        keywords={Attack likelihood Risk Game Theory Coordinated attacks Concurrent attacks},
        doi={10.1007/978-3-319-23829-6_37}
    }
    
  • Léa Samarji
    Nora Cuppens-Boulahia
    Frédéric Cuppens
    Serge Papillon
    Wael Kanoun
    Samuel Dubus
    Year: 2015
    Coordination and Concurrency Aware Likelihood Assessment of Simultaneous Attacks
    SECURECOMM
    Springer
    DOI: 10.1007/978-3-319-23829-6_37
Léa Samarji,*, Nora Cuppens-Boulahia1,*, Frédéric Cuppens1,*, Serge Papillon2,*, Wael Kanoun2,*, Samuel Dubus2,*
  • 1: Télécom Bretagne
  • 2: Alcatel-Lucent Bell Labs, Villarceaux
*Contact email: lea.el_samarji@alcatel-lucent.com, nora.cuppens@telecom-bretagne.eu, frederic.cuppens@telecom-bretagne.eu, serge.papillon@alcatel-lucent.com, wael.kanoun@alcatel-lucent.com, samuel.dubus@alcatel-lucent.com

Abstract

To avoid improper responses against attacks, current systems rely on metric. Referring to , considers: the attack’s complexity, the attackers’ motivation, and potential responses. Previous work on assessment are limited to individual attacks, missing thereby coordination and concurrency aspects between attackers. Moreover, they do not fulfill all NIST factors. Hence, we propose in this paper a new framework to properly assess the Likelihood of Individual, Coordinated, and Concurrent Attack Scenarios (LICCAS). We are first based on a coordination aware- approach to derive an equation. Then, we propose an algorithm to assess the of each attack scenario, considering the concurrency between attackers. We finally experiment LICCAS on a VoIP use case to demonstrate its relevance.