Title | Heuristic Approach for Countermeasure Selection Using Attack Graphs |
Publication Type | Conference Paper |
Year of Publication | 2021 |
Authors | Stan, Orly, Bitton, Ron, Ezrets, Michal, Dadon, Moran, Inokuchi, Masaki, Ohta, Yoshinobu, Yagyu, Tomohiko, Elovici, Yuval, Shabtai, Asaf |
Conference Name | 2021 IEEE 34th Computer Security Foundations Symposium (CSF) |
Date Published | June |
Keywords | Attack Graphs, composability, Computational modeling, computer security, Countermeasure Planning, Manuals, Predictive Metrics, pubcrawl, Resiliency, risk management, Task Analysis |
Abstract | Selecting the optimal set of countermeasures to secure a network is a challenging task, since it involves various considerations and trade-offs, such as prioritizing the risks to mitigate given the mitigation costs. Previously suggested approaches are based on limited and largely manual risk assessment procedures, provide recommendations for a specific event, or don't consider the organization's constraints (e.g., limited budget). In this paper, we present an improved attack graph-based risk assessment process and apply heuristic search to select an optimal countermeasure plan for a given network and budget. The risk assessment process represents the risk in the system in such a way that incorporates the quantitative risk factors and relevant countermeasures; this allows us to assess the risk in the system under different countermeasure plans during the search, without the need to regenerate the attack graph. We also provide a detailed description of countermeasure modeling and discuss how the countermeasures can be automatically matched to the security issues discovered in the network. |
DOI | 10.1109/CSF51468.2021.00003 |
Citation Key | stan_heuristic_2021 |