Time Dependent Analysis with Dynamic Counter Measure Trees
Rajesh Kumar, Dennis Guck, Marielle Stoelinga
TL;DR
This paper extends Attack Countermeasure trees by incorporating time as a factor, enabling better modeling of attack scenarios and resource-based countermeasure ranking to improve cybersecurity defenses.
Contribution
It introduces a time-dependent extension to Attack Countermeasure trees, linking attacker resources with success probability for more effective security analysis.
Findings
Enhanced modeling of attack scenarios with time dependency.
Ability to rank countermeasures based on resource consumption.
Improved decision-making for security countermeasures.
Abstract
The success of a security attack crucially depends on time: the more time available to the attacker, the higher the probability of a successful attack. Formalisms such as Reliability block diagrams, Reliability graphs and Attack Countermeasure trees provide quantitative information about attack scenarios, but they are provably insufficient to model dependent actions which involve costs, skills, and time. In this presentation, we extend the Attack Countermeasure trees with a notion of time; inspired by the fact that there is a strong correlation between the amount of resources in which the attacker invests (in this case time) and probability that an attacker succeeds. This allows for an effective selection of countermeasures and rank them according to their resource consumption in terms of costs/skills of installing them and effectiveness in preventing an attack
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsInformation and Cyber Security · Network Security and Intrusion Detection · Advanced Malware Detection Techniques