Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Cyber Security Risks Assessment with Bayesian Defense Graphs and Architectural Models
KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.ORCID iD: 0000-0003-3922-9606
KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.ORCID iD: 0000-0002-3293-1681
2009 (English)In: Proceedings of the 42nd Annual Hawaii International Conference on System Sciences, HICSS, x , 2009Conference paper, Published paper (Refereed)
Abstract [en]

To facilitate rational decision making regarding cyber security investments, decision makers need to be able to assess expected losses before and after potential investments. This paper presents a model based assessment framework for analyzing the cyber security provided by different architectural scenarios. The framework uses the Bayesian statistics based Extended Influence Diagrams to express attack graphs and related countermeasures. In this paper it is demonstrated how this structure can be captured in an abstract model to support analysis based on architectural models. The approach allows calculating the probability that attacks will succeed and the expected loss of these given the instantiated architectural scenario. Moreover, the framework can handle the uncertainties that are accompanied to the analyses. In architectural analysis there are uncertainties acquainted both to the scenario and its properties, as well as to the analysis framework that stipulates how security countermeasures contribute to cyber security.

Place, publisher, year, edition, pages
x , 2009.
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
URN: urn:nbn:se:kth:diva-80665DOI: 10.1109/HICSS.2009.141Scopus ID: 2-s2.0-78650760661ISBN: 978-076953450-3 (print)OAI: oai:DiVA.org:kth-80665DiVA: diva2:496594
Conference
42nd Annual Hawaii International Conference on System Sciences, HICSS; Waikoloa, HI; United States; 5 January 2009 through 9 January 2009
Note

QC 20150708

Available from: 2012-02-10 Created: 2012-02-10 Last updated: 2015-07-08Bibliographically approved

Open Access in DiVA

No full text

Other links

Publisher's full textScopus

Authority records BETA

Ekstedt, MathiasJohnson, Pontus

Search in DiVA

By author/editor
Sommestad, TeodorEkstedt, MathiasJohnson, Pontus
By organisation
Industrial Information and Control Systems
Electrical Engineering, Electronic Engineering, Information Engineering

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 66 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf