在选择针对高级持续性威胁(apt)的安全对策时考虑技术和财务影响

2015 7th International Conference on New Technologies, Mobility and Security (NTMS) Pub Date : 2015-07-27 DOI:10.1109/NTMS.2015.7266480

G. G. Granadillo, Joaquín García, Hervé Debar, C. Ponchel, Laura Rodriguez Martin

{"title":"在选择针对高级持续性威胁(apt)的安全对策时考虑技术和财务影响","authors":"G. G. Granadillo, Joaquín García, Hervé Debar, C. Ponchel, Laura Rodriguez Martin","doi":"10.1109/NTMS.2015.7266480","DOIUrl":null,"url":null,"abstract":"This paper presents a model to evaluate and select security countermeasures from a pool of candidates. The model performs industrial evaluation and simulations of the financial and technical impact associated to security countermeasures. The financial impact approach uses the Return On Response Investment (RORI) index to compare the expected impact of the attack when no response is enacted against the impact after applying security countermeasures. The technical impact approach evaluates the protection level against a threat, in terms of confidentiality, integrity, and availability. We provide a use case on malware attacks that shows the applicability of our model in selecting the best countermeasure against an Advanced Persistent Threat.","PeriodicalId":115020,"journal":{"name":"2015 7th International Conference on New Technologies, Mobility and Security (NTMS)","volume":"57 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-07-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"Considering technical and financial impact in the selection of security countermeasures against Advanced Persistent Threats (APTs)\",\"authors\":\"G. G. Granadillo, Joaquín García, Hervé Debar, C. Ponchel, Laura Rodriguez Martin\",\"doi\":\"10.1109/NTMS.2015.7266480\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper presents a model to evaluate and select security countermeasures from a pool of candidates. The model performs industrial evaluation and simulations of the financial and technical impact associated to security countermeasures. The financial impact approach uses the Return On Response Investment (RORI) index to compare the expected impact of the attack when no response is enacted against the impact after applying security countermeasures. The technical impact approach evaluates the protection level against a threat, in terms of confidentiality, integrity, and availability. We provide a use case on malware attacks that shows the applicability of our model in selecting the best countermeasure against an Advanced Persistent Threat.\",\"PeriodicalId\":115020,\"journal\":{\"name\":\"2015 7th International Conference on New Technologies, Mobility and Security (NTMS)\",\"volume\":\"57 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-07-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 7th International Conference on New Technologies, Mobility and Security (NTMS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NTMS.2015.7266480\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 7th International Conference on New Technologies, Mobility and Security (NTMS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NTMS.2015.7266480","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

摘要

本文提出了一种从备选方案池中评估和选择安全对策的模型。该模型执行与安全对策相关的财务和技术影响的工业评估和模拟。财务影响方法使用响应投资回报率(RORI)指数来比较不采取响应时攻击的预期影响与应用安全对策后的影响。技术影响方法根据机密性、完整性和可用性来评估针对威胁的保护级别。我们提供了一个关于恶意软件攻击的用例，该用例显示了我们的模型在选择针对高级持续性威胁的最佳对策方面的适用性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Considering technical and financial impact in the selection of security countermeasures against Advanced Persistent Threats (APTs)

This paper presents a model to evaluate and select security countermeasures from a pool of candidates. The model performs industrial evaluation and simulations of the financial and technical impact associated to security countermeasures. The financial impact approach uses the Return On Response Investment (RORI) index to compare the expected impact of the attack when no response is enacted against the impact after applying security countermeasures. The technical impact approach evaluates the protection level against a threat, in terms of confidentiality, integrity, and availability. We provide a use case on malware attacks that shows the applicability of our model in selecting the best countermeasure against an Advanced Persistent Threat.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2015 7th International Conference on New Technologies, Mobility and Security (NTMS)

自引率

0.00%

发文量