Selection of Pareto-efficient response plans based on financial and operational assessments

Alexander Motzek; Gustavo Gonzalez-Granadillo; Hervé Debar; Joaquin Garcia-Alfaro; Ralf Möller

doi:10.1186/s13635-017-0063-6

Selection of Pareto-efficient response plans based on financial and operational assessments

Alexander Motzek^*, Gustavo Gonzalez-Granadillo, Hervé Debar, Joaquin Garcia-Alfaro, Ralf Möller

^*Corresponding author for this work

Institute of Information Systems

8 Citations (Scopus)

Abstract

Finding adequate responses to ongoing attacks on ICT systems is a pertinacious problem and requires assessments from different perpendicular viewpoints. However, current research focuses on reducing the impact of an attack irregardless of side effects caused by responses. In order to achieve a comprehensive yet accurate response to possible and ongoing attacks on a managed ICT system, we propose an approach that evaluates a response from two perpendicular perspectives: (1) A response financial impact assessment, considering the financial benefits of restoring and protecting potentially threatened operational capabilities while considering implementation and maintenance costs of responses. (2) A response operational impact assessment, which assesses potential impacts that efficient mitigation actions may inadvertently cause on the organization in an operational perspective, e.g., negative side effects of deploying mitigations. It is the key benefit of the presented approach to combine all obtained evaluations with a multi-dimensional optimization procedure such that a response plan is selected which reduces a state of risk below an admissible level while minimizing potential negative side effects of deliberately taken actions.

Original language	English
Article number	12
Journal	Eurasip Journal on Information Security
Volume	2017
Issue number	1
DOIs	https://doi.org/10.1186/s13635-017-0063-6
Publication status	Published - 01.12.2017

Funding

The research in this paper has received funding from the PANOPTESEC project, as part of the Seventh Framework Programme (FP7) of the European Commission (GA 610416). We acknowledge financial support by Land Schleswig-Holstein within the funding programme Open Access Publikationsfonds. All authors contributed equally to the manuscript. In addition, AM and GGG carried out the simulations and drafted the initial version of the manuscript. All authors read and approved the final manuscript. The authors declare that they have no competing interests. Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

DFG Research Classification Scheme

409-06 Information Systems, Process and Knowledge Management

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access to Document

10.1186/s13635-017-0063-6

Cite this

@article{1bcc5883eb6548599f86438b3c496b16,

title = "Selection of Pareto-efficient response plans based on financial and operational assessments",

abstract = "Finding adequate responses to ongoing attacks on ICT systems is a pertinacious problem and requires assessments from different perpendicular viewpoints. However, current research focuses on reducing the impact of an attack irregardless of side effects caused by responses. In order to achieve a comprehensive yet accurate response to possible and ongoing attacks on a managed ICT system, we propose an approach that evaluates a response from two perpendicular perspectives: (1) A response financial impact assessment, considering the financial benefits of restoring and protecting potentially threatened operational capabilities while considering implementation and maintenance costs of responses. (2) A response operational impact assessment, which assesses potential impacts that efficient mitigation actions may inadvertently cause on the organization in an operational perspective, e.g., negative side effects of deploying mitigations. It is the key benefit of the presented approach to combine all obtained evaluations with a multi-dimensional optimization procedure such that a response plan is selected which reduces a state of risk below an admissible level while minimizing potential negative side effects of deliberately taken actions.",

author = "Alexander Motzek and Gustavo Gonzalez-Granadillo and Herv{\'e} Debar and Joaquin Garcia-Alfaro and Ralf M{\"o}ller",

year = "2017",

month = dec,

day = "1",

doi = "10.1186/s13635-017-0063-6",

language = "English",

volume = "2017",

journal = "Eurasip Journal on Information Security",

issn = "2510-523X",

number = "1",

}

TY - JOUR

T1 - Selection of Pareto-efficient response plans based on financial and operational assessments

AU - Motzek, Alexander

AU - Gonzalez-Granadillo, Gustavo

AU - Debar, Hervé

AU - Garcia-Alfaro, Joaquin

AU - Möller, Ralf

PY - 2017/12/1

Y1 - 2017/12/1

N2 - Finding adequate responses to ongoing attacks on ICT systems is a pertinacious problem and requires assessments from different perpendicular viewpoints. However, current research focuses on reducing the impact of an attack irregardless of side effects caused by responses. In order to achieve a comprehensive yet accurate response to possible and ongoing attacks on a managed ICT system, we propose an approach that evaluates a response from two perpendicular perspectives: (1) A response financial impact assessment, considering the financial benefits of restoring and protecting potentially threatened operational capabilities while considering implementation and maintenance costs of responses. (2) A response operational impact assessment, which assesses potential impacts that efficient mitigation actions may inadvertently cause on the organization in an operational perspective, e.g., negative side effects of deploying mitigations. It is the key benefit of the presented approach to combine all obtained evaluations with a multi-dimensional optimization procedure such that a response plan is selected which reduces a state of risk below an admissible level while minimizing potential negative side effects of deliberately taken actions.

AB - Finding adequate responses to ongoing attacks on ICT systems is a pertinacious problem and requires assessments from different perpendicular viewpoints. However, current research focuses on reducing the impact of an attack irregardless of side effects caused by responses. In order to achieve a comprehensive yet accurate response to possible and ongoing attacks on a managed ICT system, we propose an approach that evaluates a response from two perpendicular perspectives: (1) A response financial impact assessment, considering the financial benefits of restoring and protecting potentially threatened operational capabilities while considering implementation and maintenance costs of responses. (2) A response operational impact assessment, which assesses potential impacts that efficient mitigation actions may inadvertently cause on the organization in an operational perspective, e.g., negative side effects of deploying mitigations. It is the key benefit of the presented approach to combine all obtained evaluations with a multi-dimensional optimization procedure such that a response plan is selected which reduces a state of risk below an admissible level while minimizing potential negative side effects of deliberately taken actions.

UR - https://www.scopus.com/pages/publications/85023183896

U2 - 10.1186/s13635-017-0063-6

DO - 10.1186/s13635-017-0063-6

M3 - Journal articles

AN - SCOPUS:85023183896

SN - 2510-523X

VL - 2017

JO - Eurasip Journal on Information Security

JF - Eurasip Journal on Information Security

IS - 1

M1 - 12

ER -

Selection of Pareto-efficient response plans based on financial and operational assessments

Abstract

Funding

DFG Research Classification Scheme

UN SDGs

Access to Document

Other files and links

Fingerprint

Cite this