In this paper we use defense trees, an extension of attack trees with countermeasures, to represent attack scenarios and game the- ory to detect the most promising actions attacker and defender. On one side the attacker wants to break the system (with as little efforts as pos- sible), on the opposite side the defender want to protect it (sustaining the minimum cost). As utility function for the attacker and for the defender we consider economic indexes (like the Return on Investment (ROI) and the Return on Attack (ROA)). We show how our approach can be used to evaluate effectiveness and economic profitability of countermeasures as well as their deterrent effect on attackers, thus providing decision makers with a useful tool for performing better evaluation of IT security investments during the risk management process.
Strategic games on defense trees
Bistarelli S;
2006
Abstract
In this paper we use defense trees, an extension of attack trees with countermeasures, to represent attack scenarios and game the- ory to detect the most promising actions attacker and defender. On one side the attacker wants to break the system (with as little efforts as pos- sible), on the opposite side the defender want to protect it (sustaining the minimum cost). As utility function for the attacker and for the defender we consider economic indexes (like the Return on Investment (ROI) and the Return on Attack (ROA)). We show how our approach can be used to evaluate effectiveness and economic profitability of countermeasures as well as their deterrent effect on attackers, thus providing decision makers with a useful tool for performing better evaluation of IT security investments during the risk management process.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
