Proposal of an Improved Event Tree and Defense Tree Combined Method for Risk Evaluation with Common Events
Proceeding: The Third International Conference on Digital Security and Forensics (DigitalSec2016)Publication Date: 2016-09-06
Authors : Ryo Aihara; Ryohei Ishii; Ryoichi Sasaki;
Page : 46-53
Keywords : APT; Targeted Attack; Risk Assessment; Defense Tree; Attack Tree;
Abstract
Damage caused by targeted attacks has increased in recent years. In order to cope with the issue, we previously developed the event tree and defense tree combined (EDC) method for obtaining the optimal combination of countermeasures against targeted attacks based on security analyses. However, the original EDC method cannot deal with common events, i.e., events that are the common cause of more than one type of problem, here and in the main text. In order to deal with common events, instead of minimal cut set (MCS) operation, we introduce the prime implicant set (PIS) operation, which can obtain cut sets, including negative events, for the sequence of the event tree. The results of a numerical experiment confirm that the occurrence probability can be calculated correctly by introducing the PIS. Moreover, if PIS operation is not implemented, the overall risk may be underestimated by a factor of three.
Other Latest Articles
- Development and Evaluation of a Dynamic Security Evaluation System for the Cloud System Operation
- Application and Evaluation of Method for Establishing Consensus on Measures Based on Cybersecurity Framewor
- Systems in Danger: A Short Review on Metamorphic Computer Viruses
- Utilizing Program's Execution Data for Digital Forensics
- An Evidence Collection and Analysis of Ubuntu File System
Last modified: 2016-09-11 23:54:01