Impact Modeling and Prediction of Attacks on Cyber Targets (Preprint)

Abstract

Modeling an organization's mission vulnerability to cyber attacks requires a description of the IT infrastructure (network model), the organization mission (business model), and how the mission relies on IT resources (correlation model). With this information, proper analysis can show which cyber resources are of tactical importance in a cyber attack, i.e., controlling them enables a large range of cyber attacks. Such analysis also reveals which IT resources contribute to the organization's mission, i.e., lack of control over them gravely affects the mission. These results can then be used to formulate IT security strategies and explore their trade-offs, which leads to better incident response. This paper presents our methodology for encoding IT infrastructure, organization mission and correlations, our analysis framework, as well as initial experimental results and conclusions.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Mar 01, 2010
Accession Number
ADA517401

Entities

People

  • Aram Khalili
  • Brian Michalk
  • Chris Henney
  • Lee Alford
  • Logan Gilbert

Tags

DTIC Thesaurus Topics

  • Air Force Research Laboratories
  • Algorithms
  • Commerce
  • Computer Programming
  • Computers
  • Cyberattacks
  • Detection
  • Infrastructure
  • Intrusion
  • Intrusion Detection
  • Intrusion Detectors
  • Local Area Networks
  • Networks
  • Risk
  • Security
  • Situational Awareness
  • Vulnerability

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Organizational Process Management (OPM).
  • Theoretical Analysis.

Technology Areas

  • Cyber