This paper proposes a risk assessment process based on dis- tinct classes and estimators, which we apply to a case study of a com- mon communications security risk; a distributed denial of service attack (DDoS) attack. The risk assessment’s novelty lies in the combination both the quantitative (statistics) and qualitative (subjective knowledge- based) aspects to model the attack and estimate the risk. The approach centers on estimations of assets, vulnerabilities, threats, controls, and associated outcomes in the event of a DDoS, together with a statistical analysis of the risk. Our main contribution is the process to combine the qualitative and quantitative estimation methods for cyber security risks, together with an insight into which technical details and variables to consider when risk assessing the DDoS amplification attack.
CITATION STYLE
Wangen, G., Shalaginov, A., & Hallstensen, C. (2016). Cyber security risk assessment of a DDoS attack. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9866 LNCS, pp. 183–202). Springer Verlag. https://doi.org/10.1007/978-3-319-45871-7_12
Mendeley helps you to discover research relevant for your work.