Automatically generating adequate responses to ongoing or potential cyber threats and attacks is a pertinacious challenge and must have the aim to assure mission success, without sacrificing missions for security. To do so it must be understood how a threat may affect a mission, how a countermeasure diminishes potential threats, but also how a countermeasure might inadvertently impact the mission as well. Various approaches exist for all three subproblems and some for a partially combined solution. However, most suffer from one or more problems: (1) Approaches are holistic, delivering one acclaimed “optimal,” but intransparent solution. (2) Require unacquirable information that does not account for missing information, unforeseeable circumstances, or uncertainty. (3) Focus on cost optimization to mitigate direct affections without considering transitive impacts onto missions. In this paper we propose a probabilistic approach for cyber defense and assurance, decoupling mission impact assessments of threats and responses from a generation of those and from an optimal selection of those. We reduce mission impact assessments to commonly known mathematical problems, obtain directly validated and qualitative results, and greatly encompass missing information under uncertainty.
|Number of pages||18|
|Publication status||Published - 2016|