Title | Decision Support for Mission-Centric Network Security Management |
Publication Type | Conference Paper |
Year of Publication | 2020 |
Authors | Javorník, M., Komárková, J., Sadlek, L., Husak, M. |
Conference Name | NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium |
Keywords | attack graph, Bayesian Network, belief networks, cyber situational awareness, Cyber-physical systems, decision support, Mission resilience, pubcrawl, Resiliency |
Abstract | In this paper, we propose a decision support process that is designed to help network and security operators in understanding the complexity of a current security situation and decision making concerning ongoing cyber-attacks and threats. The process focuses on enterprise missions and uses a graph-based mission decomposition model that captures the missions, underlying hosts and services in the network, and functional and security requirements between them. Knowing the vulnerabilities and attacker's position in the network, the process employs logical attack graphs and Bayesian network to infer the probability of the disruption of the confidentiality, integrity, and availability of the missions. Based on the probabilities of disruptions, the process suggests the most resilient mission configuration that would withstand the current security situation. |
DOI | 10.1109/NOMS47738.2020.9110261 |
Citation Key | javornik_decision_2020 |