Identifying a preferred countermeasure strategy for attack graphs

Attack graphs capture sequences of actions that an intruder can take to lead the system to an undesirable state. They have proven to be important tools for administrators to analyse and devise countermeasures to be deployed in the face of an attack. We consider preferences over countermeasures that the administrator may hold when devising a strategy to thwart the attacker's goals. We present a formalism based on CI-nets to represent and reason about such preferences. We present a method to find an intervention strategy, expressed as a set of countermeasures, that is guaranteed to thwart any attack on the system and is also most preferred.
