Publication details

Decision Support for Mission-Centric Network Security Management

Authors

JAVORNÍK Michal KOMÁRKOVÁ Jana SADLEK Lukáš HUSÁK Martin

Year of publication 2020
Type Article in Proceedings
Conference NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium
MU Faculty or unit

Institute of Computer Science

Citation
Web https://ieeexplore.ieee.org/document/9110261
Doi http://dx.doi.org/10.1109/NOMS47738.2020.9110261
Keywords Cyber situational awareness;Decision support;Attack graph;Bayesian network;Mission resilience
Attached files
Description In this paper, we propose a decision support process that is designed to help network and security operators in understanding the complexity of a current security situation and decision making concerning ongoing cyber-attacks and threats. The process focuses on enterprise missions and uses a graph-based mission decomposition model that captures the missions, underlying hosts and services in the network, and functional and security requirements between them. Knowing the vulnerabilities and attacker’s position in the network, the process employs logical attack graphs and Bayesian network to infer the probability of the disruption of the confidentiality, integrity, and availability of the missions. Based on the probabilities of disruptions, the process suggests the most resilient mission configuration that would withstand the current security situation.
Related projects: