Research Article
Cyber Security Decision Support for Remediation in Automated Computer Network Defence
@INPROCEEDINGS{10.1007/978-3-319-78816-6_15, author={Maxwell Dondo}, title={Cyber Security Decision Support for Remediation in Automated Computer Network Defence}, proceedings={Security and Privacy in Communication Networks. SecureComm 2017 International Workshops, ATCS and SePrIoT, Niagara Falls, ON, Canada, October 22--25, 2017, Proceedings}, proceedings_a={SECURECOMM \& ATCS \& SEPRIOT}, year={2018}, month={4}, keywords={Course of action Vulnerability Patching Attack graph Remediation Decision-making}, doi={10.1007/978-3-319-78816-6_15} }
- Maxwell Dondo
Year: 2018
Cyber Security Decision Support for Remediation in Automated Computer Network Defence
SECURECOMM & ATCS & SEPRIOT
Springer
DOI: 10.1007/978-3-319-78816-6_15
Abstract
In making important cyber security course of action (COA) decisions, experts mostly use their knowledge and experience to collate and synthesise information from multiple and sometimes conflicting sources such as the continually evolving cyber security tools. Such a decision making process is resource intensive and could result in inconsistencies from experts’ subjective interpretations of how to address the network’s security risks. The push towards automated computer network defence (CND) systems requires autonomous decision making and recommendation approaches for network security remediation. In this work, we present such a novel approach through a TOPSIS-based multi-attribute decision making COA selection technique. Our model uses a survey of experts to show that human experts’ decisions are indeed inconsistent, even when they are provided with the same information. We then present our decision making approach that is based on considering multiple COA selection factors in an operational environment and implementing a multi-objective selection method that provides network defenders with the best actionable COAs for an automated CND system. Our results show consistency that is unmatched by human experts.