Towards an Automated and Dynamic Risk Management Response System

Ender Alvarez, Alexander Motzek, Matteo Merialdo, Gustavo Gonzalez-Granadillo, Joaquin Garcia-Alfaro, Hervé Debar

Abstract

Achieving a fully automated and dynamic system in critical infrastructure scenarios is an open issue in ongoing research. Generally, decisions in SCADA systems require manual intervention, which in most cases is performed by highly experienced operators. In this paper, we propose a framework consisting of proactive management software that aims at anticipating the occurrence of potential attacks. It conducts an initial evaluation of reported proactive evidence based on a quantitative metric of monetary return on response investment. The framework evaluates and selects mitigation actions from a pool of candidates by ranking them in terms of financial and operational impacts. The purpose of this process is to select an optimal set of mitigation actions from financial and operational perspectives and propose them to reduce the risk of threats against the monitored system, without sacrificing an organization's missions in favor of security. A real-world case study of a SCADA environment shows the applicability of the model, from the analysis of the input data to the selection of the response plan.
Original language: English
Title: Secure IT Systems
Editors: Billy Bob Brumley, Juha Röning
Number of pages: 17
Volume: 10014
Place of publication: Cham
Publisher: Springer International Publishing
Publication date: 09.10.2016
Pages: 37-53
ISBN (Print): 978-3-319-47559-2
ISBN (electronic): 978-3-319-47560-8
Publication status: Published - 09.10.2016
Event: 21st Nordic Conference on Secure IT Systems - Oulu, Finland
Duration: 02.11.2016 - 04.11.2016
Conference number: 185849
