
Rational Choice of Security Measures Via Multi-parameter Attack Trees

  • Conference paper
Critical Information Infrastructures Security (CRITIS 2006)

Part of the book series: Lecture Notes in Computer Science (LNCCN, volume 4347)

Abstract

We present a simple risk-analysis-based method for studying the security of institutions against rational (gain-oriented) attacks. Our method uses a certain refined form of attack trees that are used to estimate the cost and the success probability of attacks. We use elementary game theory to decide whether the system under protection is a realistic target for gain-oriented attackers. Attacks are considered unlikely if their cost is not worth their benefits for the attackers. We also show how to decide whether the investments in security are economically justified. We outline the new method and show how it can be used in practice by going through a realistic example.
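The following is an added illustration of the idea the abstract sketches, not code from the paper: an attack tree whose leaves carry an attacker cost and a success probability, AND nodes that sum cost and multiply probability, OR nodes that keep the branch with the highest expected attacker profit, and a rationality test that declares the system an unlikely target when no branch yields a positive expected profit. The defender-side check compares the reduction in expected loss against the price of a security measure. The tree, the cost and probability figures, the combination rules and the "profit = p * gain - cost" decision rule are all simplifying assumptions chosen for this example; the paper's own parameters and formulas may differ.

```python
"""Toy multi-parameter attack tree evaluation (added example, not the paper's code).

Assumed model: each leaf has an attacker cost and a success probability p.
AND nodes sum the costs and multiply the probabilities; OR nodes keep the
child with the highest expected attacker profit p * gain - cost.
"""
from dataclasses import dataclass, field
from typing import List, Tuple


@dataclass
class Node:
    name: str
    kind: str = "LEAF"                 # "LEAF", "AND" or "OR"
    cost: float = 0.0                  # attacker's cost for a leaf (constructed units)
    p: float = 0.0                     # success probability for a leaf
    children: List["Node"] = field(default_factory=list)


def evaluate(node: Node, gain: float) -> Tuple[float, float, List[str]]:
    """Return (cost, success probability, chosen leaves) for the subtree.

    `gain` is the attacker's payoff on success; OR nodes need it to pick the
    child with the highest expected profit p * gain - cost.
    """
    if node.kind == "LEAF":
        return node.cost, node.p, [node.name]
    results = [evaluate(child, gain) for child in node.children]
    if node.kind == "AND":
        cost = sum(r[0] for r in results)
        p = 1.0
        path: List[str] = []
        for _, child_p, child_path in results:
            p *= child_p
            path += child_path
        return cost, p, path
    if node.kind == "OR":
        return max(results, key=lambda r: r[1] * gain - r[0])
    raise ValueError(f"unknown node kind {node.kind!r}")


def expected_profit(root: Node, gain: float) -> float:
    """Attacker's expected profit along the best branch of the tree."""
    cost, p, _ = evaluate(root, gain)
    return p * gain - cost


def is_rational_target(root: Node, gain: float) -> bool:
    """The abstract's rule: an attack is unlikely unless it is worth its cost."""
    return expected_profit(root, gain) > 0


def investment_justified(before: Node, after: Node, gain: float,
                         loss: float, measure_cost: float) -> bool:
    """Defender's view (assumed model): expected loss is `loss` times the
    success probability, and it is only incurred when a rational attacker
    would attack at all. A measure pays off if the saved expected loss
    exceeds its price."""
    def expected_loss(root: Node) -> float:
        if not is_rational_target(root, gain):
            return 0.0
        _, p, _ = evaluate(root, gain)
        return p * loss

    return expected_loss(before) - expected_loss(after) > measure_cost


def sample_tree(bribe_p: float = 0.7, phish_p: float = 0.3) -> Node:
    """Constructed tree; the parameters model hypothetical countermeasures
    (e.g. insider vetting lowering bribe_p, phishing-resistant MFA lowering phish_p)."""
    return Node("steal customer database", "OR", children=[
        Node("phish and exfiltrate", "AND", children=[
            Node("phish an administrator", cost=2000, p=phish_p),
            Node("exfiltrate the data", cost=500, p=0.9),
        ]),
        Node("bribe an insider", cost=20000, p=bribe_p),
    ])


if __name__ == "__main__":
    GAIN, LOSS = 50000, 100000          # constructed attacker gain / defender loss
    tree = sample_tree()
    print("best branch:", evaluate(tree, GAIN)[2])
    print("rational target:", is_rational_target(tree, GAIN))
    print("vetting justified at cost 10000:",
          investment_justified(tree, sample_tree(bribe_p=0.2), GAIN, LOSS, 10000))
    print("still a target after vetting + MFA:",
          is_rational_target(sample_tree(bribe_p=0.2, phish_p=0.05), GAIN))
```

With the constructed figures the bribery branch is the attacker's best option (expected profit 15000), so the system is a realistic target; insider vetting alone shifts the attacker to the phishing branch but still cuts expected loss by far more than it costs, and only the combination of both measures drives every branch to a negative expected profit. The point of the exercise is that the decision depends on the attacker's best branch after each measure, not on the branch the measure was aimed at.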




Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Buldas, A., Laud, P., Priisalu, J., Saarepera, M., Willemson, J. (2006). Rational Choice of Security Measures Via Multi-parameter Attack Trees. In: Lopez, J. (eds) Critical Information Infrastructures Security. CRITIS 2006. Lecture Notes in Computer Science, vol 4347. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11962977_19


  • DOI: https://doi.org/10.1007/11962977_19

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-69083-2

  • Online ISBN: 978-3-540-69084-9
