When intelligent threats attack a system, they rarely achieve their goals by exploiting a single vulnerability. Rather, they achieve their goals by composing attacks and by exploiting structural security flaws of the target system. Attack graphs have been the de facto tool for discovering possible complex attacks. This thesis proposes a cost-effective safeguard selection strategy, which first identifies a complex attack set that covers all the complex attacks through the use of attack graphs and later selects a minimal set of countermeasures through the formulation and resolution of an integer linear programming problem. Multiple goals in conjunction or disjunction relation can be analyzed. We have built a working prototype system that impl...
In network security hardening a network administrator may need to use limited resources (such as hon...
Information systems constitute an increasingly attractive target for attackers. Given the number and...
the date of receipt and acceptance should be inserted later Abstract Researchers have previously loo...
Network systems often contain vulnerabilities that remain unmitigated in a network for various reaso...
International audienceSecuring a system, being it a computer network, a physicalinfrastructure or ...
We describe a model-based approach to select cost-effective countermeasures for an information and c...
Attack graphs provide formalism for modelling the vulnerabilities using a compact representation sch...
Part 2: 4th International Workshop on Security and Cognitive Informatics for Homeland Defense (SeCIH...
A thesis submitted for the degree of Doctor of PhilosophyNetwork security risk analysis has received...
Attack tree analysis is used to estimate different parameters of general security threats based on i...
Risk analysis is a very complex process. It requires rigorous representation and in-depth assessment...
Risk analysis is a very complex process. It requires rigorous representation and in-depth assessment...
The number of cyberattacks has been growing over time and is expected to keep growing. In order to p...
peer reviewedRisk treatment is an important part of risk management, and deals with the question whi...
The losses arising from a system being hit by cyber attacks can be staggeringly high, but defending ...
In network security hardening a network administrator may need to use limited resources (such as hon...
Information systems constitute an increasingly attractive target for attackers. Given the number and...
the date of receipt and acceptance should be inserted later Abstract Researchers have previously loo...
Network systems often contain vulnerabilities that remain unmitigated in a network for various reaso...
International audienceSecuring a system, being it a computer network, a physicalinfrastructure or ...
We describe a model-based approach to select cost-effective countermeasures for an information and c...
Attack graphs provide formalism for modelling the vulnerabilities using a compact representation sch...
Part 2: 4th International Workshop on Security and Cognitive Informatics for Homeland Defense (SeCIH...
A thesis submitted for the degree of Doctor of PhilosophyNetwork security risk analysis has received...
Attack tree analysis is used to estimate different parameters of general security threats based on i...
Risk analysis is a very complex process. It requires rigorous representation and in-depth assessment...
Risk analysis is a very complex process. It requires rigorous representation and in-depth assessment...
The number of cyberattacks has been growing over time and is expected to keep growing. In order to p...
peer reviewedRisk treatment is an important part of risk management, and deals with the question whi...
The losses arising from a system being hit by cyber attacks can be staggeringly high, but defending ...
In network security hardening a network administrator may need to use limited resources (such as hon...
Information systems constitute an increasingly attractive target for attackers. Given the number and...
the date of receipt and acceptance should be inserted later Abstract Researchers have previously loo...