TY - JOUR
T1 - Selection of Pareto-efficient response plans based on financial and operational assessments
AU - Motzek, Alexander
AU - Gonzalez-Granadillo, Gustavo
AU - Debar, Hervé
AU - Garcia-Alfaro, Joaquin
AU - Möller, Ralf
PY - 2017/12/1
Y1 - 2017/12/1
N2 - Finding adequate responses to ongoing attacks on ICT systems is a pertinacious problem and requires assessments from different perpendicular viewpoints. However, current research focuses on reducing the impact of an attack irregardless of side effects caused by responses. In order to achieve a comprehensive yet accurate response to possible and ongoing attacks on a managed ICT system, we propose an approach that evaluates a response from two perpendicular perspectives: (1) A response financial impact assessment, considering the financial benefits of restoring and protecting potentially threatened operational capabilities while considering implementation and maintenance costs of responses. (2) A response operational impact assessment, which assesses potential impacts that efficient mitigation actions may inadvertently cause on the organization in an operational perspective, e.g., negative side effects of deploying mitigations. It is the key benefit of the presented approach to combine all obtained evaluations with a multi-dimensional optimization procedure such that a response plan is selected which reduces a state of risk below an admissible level while minimizing potential negative side effects of deliberately taken actions.
AB - Finding adequate responses to ongoing attacks on ICT systems is a pertinacious problem and requires assessments from different perpendicular viewpoints. However, current research focuses on reducing the impact of an attack irregardless of side effects caused by responses. In order to achieve a comprehensive yet accurate response to possible and ongoing attacks on a managed ICT system, we propose an approach that evaluates a response from two perpendicular perspectives: (1) A response financial impact assessment, considering the financial benefits of restoring and protecting potentially threatened operational capabilities while considering implementation and maintenance costs of responses. (2) A response operational impact assessment, which assesses potential impacts that efficient mitigation actions may inadvertently cause on the organization in an operational perspective, e.g., negative side effects of deploying mitigations. It is the key benefit of the presented approach to combine all obtained evaluations with a multi-dimensional optimization procedure such that a response plan is selected which reduces a state of risk below an admissible level while minimizing potential negative side effects of deliberately taken actions.
UR - http://www.scopus.com/inward/record.url?scp=85023183896&partnerID=8YFLogxK
U2 - 10.1186/s13635-017-0063-6
DO - 10.1186/s13635-017-0063-6
M3 - Journal articles
AN - SCOPUS:85023183896
SN - 2510-523X
VL - 2017
JO - Eurasip Journal on Information Security
JF - Eurasip Journal on Information Security
IS - 1
M1 - 12
ER -