Visible to the public Decision Support for Mission-Centric Network Security Management

TitleDecision Support for Mission-Centric Network Security Management
Publication TypeConference Paper
Year of Publication2020
AuthorsJavorník, M., Komárková, J., Sadlek, L., Husak, M.
Conference NameNOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium
Keywordsattack graph, Bayesian Network, belief networks, cyber situational awareness, Cyber-physical systems, decision support, Mission resilience, pubcrawl, Resiliency
AbstractIn this paper, we propose a decision support process that is designed to help network and security operators in understanding the complexity of a current security situation and decision making concerning ongoing cyber-attacks and threats. The process focuses on enterprise missions and uses a graph-based mission decomposition model that captures the missions, underlying hosts and services in the network, and functional and security requirements between them. Knowing the vulnerabilities and attacker's position in the network, the process employs logical attack graphs and Bayesian network to infer the probability of the disruption of the confidentiality, integrity, and availability of the missions. Based on the probabilities of disruptions, the process suggests the most resilient mission configuration that would withstand the current security situation.
DOI10.1109/NOMS47738.2020.9110261
Citation Keyjavornik_decision_2020