Braham Lotfi Mediouni, Ayoub Nouri, Marius Bozga, Axel
Legay and Saddek Bensalem
Mitigating Security Risks through Attack Strategies Exploration (2018)
Mitigating Security Risks through Attack Strategies Exploration (2018)
TR-2018-4.pdf
Keywords: Risk assessment, Attack-Defense Tree, Strategy Synthesis, Genetic Algorithms, Statistical Model Checking
Abstract: Security assessment of organizations information systems is becoming increas- ingly complex due to their growing size and the underlying architectures (e.g., cloud). Analyzing potential attacks is a pragmatic approach that provides insightful information to achieve this purpose. In this work, we propose to synthesize effective defense configurations for sophisticated attack strategies, which are obtained by minimizing resource usage while ensuring a high probability of success. Obtained results on real-life case studies show substantial improvement compared to existing techniques.
