基于RORI指数的组合方法选择最优对策

Second International Conference on the Innovative Computing Technology (INTECH 2012) Pub Date : 2012-09-01 DOI:10.1109/INTECH.2012.6457801

G. G. Granadillo, G. Jacob, Hervé Debar, L. Coppolino

{"title":"基于RORI指数的组合方法选择最优对策","authors":"G. G. Granadillo, G. Jacob, Hervé Debar, L. Coppolino","doi":"10.1109/INTECH.2012.6457801","DOIUrl":null,"url":null,"abstract":"As new and more sophisticated computer attacks appear across the Internet, sometimes with unknown dimensions and criticality, the implementation of individual security solutions become less effective and in some cases useless. Instead, a combined approach is required to guarantee an appropriate and cost-effective mitigation of such attacks. Most of the current work suggests the deployment of multiple countermeasures as a single treatment to mitigate the effects of complex attacks. However, the methodology to analyze and evaluate combined solutions is either hardly explained or very complicated to implement. This paper, therefore proposes a simple and well-structured approach to select the optimal combination of countermeasures by maximizing the cost-effectiveness ratio of the countermeasures, this ratio being measured by the Return on Response Investment (RORI) index. A case study is provided at the end of the document to show the applicability of the model over a critical infrastructure process control.","PeriodicalId":369113,"journal":{"name":"Second International Conference on the Innovative Computing Technology (INTECH 2012)","volume":"22 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":"{\"title\":\"Combination approach to select optimal countermeasures based on the RORI index\",\"authors\":\"G. G. Granadillo, G. Jacob, Hervé Debar, L. Coppolino\",\"doi\":\"10.1109/INTECH.2012.6457801\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"As new and more sophisticated computer attacks appear across the Internet, sometimes with unknown dimensions and criticality, the implementation of individual security solutions become less effective and in some cases useless. Instead, a combined approach is required to guarantee an appropriate and cost-effective mitigation of such attacks. Most of the current work suggests the deployment of multiple countermeasures as a single treatment to mitigate the effects of complex attacks. However, the methodology to analyze and evaluate combined solutions is either hardly explained or very complicated to implement. This paper, therefore proposes a simple and well-structured approach to select the optimal combination of countermeasures by maximizing the cost-effectiveness ratio of the countermeasures, this ratio being measured by the Return on Response Investment (RORI) index. A case study is provided at the end of the document to show the applicability of the model over a critical infrastructure process control.\",\"PeriodicalId\":369113,\"journal\":{\"name\":\"Second International Conference on the Innovative Computing Technology (INTECH 2012)\",\"volume\":\"22 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"12\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Second International Conference on the Innovative Computing Technology (INTECH 2012)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/INTECH.2012.6457801\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Second International Conference on the Innovative Computing Technology (INTECH 2012)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/INTECH.2012.6457801","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 12

摘要

随着新的和更复杂的计算机攻击在互联网上出现，有时具有未知的维度和严重性，单个安全解决方案的实现变得不那么有效，在某些情况下是无用的。相反，需要采取一种综合办法来保证适当和具有成本效益地减轻这种攻击。目前的大部分工作建议部署多种对策作为单一的处理，以减轻复杂攻击的影响。然而，分析和评估组合解决方案的方法要么很难解释，要么实现起来非常复杂。因此，本文提出了一种简单且结构良好的方法，通过最大化对策的成本-效果比来选择最优的对策组合，该比率由响应投资回报率(RORI)指数衡量。在文档的末尾提供了一个案例研究，以显示该模型在关键基础设施过程控制上的适用性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Combination approach to select optimal countermeasures based on the RORI index

As new and more sophisticated computer attacks appear across the Internet, sometimes with unknown dimensions and criticality, the implementation of individual security solutions become less effective and in some cases useless. Instead, a combined approach is required to guarantee an appropriate and cost-effective mitigation of such attacks. Most of the current work suggests the deployment of multiple countermeasures as a single treatment to mitigate the effects of complex attacks. However, the methodology to analyze and evaluate combined solutions is either hardly explained or very complicated to implement. This paper, therefore proposes a simple and well-structured approach to select the optimal combination of countermeasures by maximizing the cost-effectiveness ratio of the countermeasures, this ratio being measured by the Return on Response Investment (RORI) index. A case study is provided at the end of the document to show the applicability of the model over a critical infrastructure process control.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Second International Conference on the Innovative Computing Technology (INTECH 2012)

自引率

0.00%

发文量