An Impact Assessment Model for Distributed Adaptive Security Situation Assessment

Abstract

The goal of any intrusion detection, anti-virus, firewall or other security mechanism is not simply to stop attacks, but to protect a computing resource so that the resource can continue to perform its function. A computing resource, however, is only a component of a larger system and mission. Sometimes, the efforts made to stop an attack on a resource may be as bad as the attack itself in terms of affecting the overall ability of the system to complete its mission. What is needed is a method of choosing responses to attacks on components that still allows the system to achieve its goals. We present a model of computing resources and of how the loss or degradation of resources impacts the ability of a system to complete its mission. A human or robot analyst can use the model to assess the security status of a monitored system and to allocate resources in an optimal way.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2005
Accession Number
ADA438574

Entities

People

  • James Just
  • Karl Levitt
  • Lawrence Clough
  • Marcus Tylutki
  • Mark Heckman
  • Nikhil Joshi

Organizations

  • University of California

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies
  • Ground and Sea Platforms
  • Sensors

DTIC Thesaurus Topics

  • Air Force Research Laboratories
  • Algorithms
  • Anti-Virus Software
  • Computational Complexity
  • Computers
  • Cyberattacks
  • Detectors
  • Expert Systems
  • Graphical User Interface
  • Information Operations
  • Intrusion Detection
  • Mobile Phones
  • Network Protocols
  • Reliability
  • Security
  • Task Forces
  • User Interface

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Parallel and Distributed Computing.
  • Systems Analysis and Design

Technology Areas

  • AI & ML
  • AI & ML - Bayesian Inference
  • AI & ML - Machine Learning Algorithms
  • Autonomy
  • Autonomy - UAVs