Combining technical and financial impacts for countermeasure selection - Archive ouverte HAL Accéder directement au contenu
Communication Dans Un Congrès Année : 2014

Combining technical and financial impacts for countermeasure selection

Résumé

Research in information security has generally focused on providing a comprehensive interpretation of threats, vulnerabilities, and attacks, in particular to evaluate their danger and prioritize responses accordingly. Most of the current approaches propose advanced techniques to detect intrusions and complex attacks but few of these approaches propose well defined methodologies to react against a given attack. In this paper, we propose a novel and systematic method to select security countermeasures from a pool of candidates, by ranking them based on the technical and financial impact associated to each alternative. The method includes industrial evaluation and simulations of the impact associated to a given security measure which allows to compute the return on response investment for different candidates. A simple case study is proposed at the end of the paper to show the applicability of the model
Fichier principal
Vignette du fichier
countermeasure-selection.pdf (95.59 Ko) Télécharger le fichier
Origine : Fichiers éditeurs autorisés sur une archive ouverte
Loading...

Dates et versions

hal-01257903 , version 1 (18-01-2016)

Identifiants

Citer

Gustavo Daniel Gonzalez Granadillo, Christophe Ponchel, Gregory Blanc, Hervé Debar. Combining technical and financial impacts for countermeasure selection. AIDP 2014 : International Workshop on Advanced Intrusion Detection and Prevention, Jun 2014, Marrakesh, Morocco. pp.1 - 14, ⟨10.4204/EPTCS.165.1⟩. ⟨hal-01257903⟩
42 Consultations
117 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More