Securing a system, being it a computer network, a physical infrastructure or an organization, is a very challenging task. In practice, it is always constrained by available resources, e.g., budget, time, or man-power. An attack–defense tree is a security model allowing to reason about different strategies that an attacker may use to attack a system and potential countermeasures that a defender could apply to defend against such attacks. This work integrates the modeling power of attack–defense trees with the strengths of integer linear programming techniques. We develop a framework that, given the overall budget allocated for the system’s protection, suggests which countermeasures should be implemented to secure the system in the best way possible. We lay down formal foundations for our framework and implement a proof of concept tool automating the solving of relevant optimization problems.
CITATION STYLE
Kordy, B., & Wideł, W. (2017). How well can I secure my system? In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 10510 LNCS, pp. 332–347). Springer Verlag. https://doi.org/10.1007/978-3-319-66845-1_22
Mendeley helps you to discover research relevant for your work.