Quantitative Analysis of Network Security with Abstract Argumentation

An Abstract Argumentation Framework (AAF) is a useful technique for analysing arguments that support or discourage decisions, i.e., for handling information that can be in conflict. In particular, we apply Abstract Argumentation to support the administration of security in computer networks. Our approach captures the high-level topology of a system and helps to specify which security countermeasures are more appropriate, and where. We design a quantitative analysis on AAFs modelling our domain knowledge, with the purpose of comparing different decisions and selecting the most suitable one to protect the critical assets.
