
Iterative selection of countermeasures for intelligent threat agents

Author

  • Fabrizio Baiardi
  • Federico Tonelli
  • Alessandro Bertolini

Abstract

We describe a model‐based approach to select cost‐effective countermeasures for an information and communication technology infrastructure under attack by intelligent agents. Each agent tries to reach some predefined goals through a sequence of attacks. The proposed approach builds the models of the infrastructure and of the agents, and then it applies a Monte Carlo method that runs multiple, independent simulations of the agent attacks. These simulations produce a statistical sample that is used to assess the risk. The selection of countermeasures works in an iterative way where each iteration selects some countermeasures and applies the Monte Carlo method to evaluate any residual risk. In this way, it takes into account that an intelligent agent may select distinct attacks to replace those affected by the countermeasures. To improve cost effectiveness, the selection focuses on useful attacks to reach a goal. The Haruspex suite is an integrated set of tools to support this approach. Some of its tools build the models of the agents and that of the system. Another tool uses these models to apply the Monte Carlo method and simulate the agent attacks. This tool is iteratively invoked by the one that selects countermeasures. We describe the adoption of the suite to assess and manage the risk of three industrial control systems. Copyright © 2015 John Wiley & Sons, Ltd.

Suggested Citation

  • Fabrizio Baiardi & Federico Tonelli & Alessandro Bertolini, 2015. "Iterative selection of countermeasures for intelligent threat agents," International Journal of Network Management, John Wiley & Sons, vol. 25(5), pages 340-354, September.
  • Handle: RePEc:wly:intnem:v:25:y:2015:i:5:p:340-354
    DOI: 10.1002/nem.1899

    Download full text from publisher

    File URL: https://doi.org/10.1002/nem.1899
    Download Restriction: no



    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Fabrizio Baiardi & Daniele Sgandurra, 2013. "Assessing ICT risk through a Monte Carlo method," Environment Systems and Decisions, Springer, vol. 33(4), pages 486-499, December.
    2. Hausken, Kjell, 2024. "Fifty Years of Operations Research in Defense," European Journal of Operational Research, Elsevier, vol. 318(2), pages 355-368.
    3. Hunt, Kyle & Zhuang, Jun, 2024. "A review of attacker-defender games: Current state and paths forward," European Journal of Operational Research, Elsevier, vol. 313(2), pages 401-417.
    4. Ríos Insua, David & Cano, Javier & Pellot, Michael & Ortega, Ricardo, 2016. "Multithreat multisite protection: A security case study," European Journal of Operational Research, Elsevier, vol. 252(3), pages 888-899.
    5. Qingqing Zhai & Rui Peng & Jun Zhuang, 2020. "Defender–Attacker Games with Asymmetric Player Utilities," Risk Analysis, John Wiley & Sons, vol. 40(2), pages 408-420, February.
    6. Bakker, Craig & Webster, Jennifer B. & Nowak, Kathleen E. & Chatterjee, Samrat & Perkins, Casey J. & Brigantic, Robert, 2020. "Multi-Game Modeling for Counter-Smuggling," Reliability Engineering and System Safety, Elsevier, vol. 200(C).
    7. Vineet M. Payyappalli & Jun Zhuang & Victor Richmond R. Jose, 2017. "Deterrence and Risk Preferences in Sequential Attacker–Defender Games with Continuous Efforts," Risk Analysis, John Wiley & Sons, vol. 37(11), pages 2229-2245, November.
    8. Bandyopadhyay, Subhayu & Sandler, Todd, 2023. "Voluntary participation in a terror group and counterterrorism policy," Journal of Economic Behavior & Organization, Elsevier, vol. 215(C), pages 500-513.
    9. Xing Gao & Weijun Zhong & Shue Mei, 2013. "Information Security Investment When Hackers Disseminate Knowledge," Decision Analysis, INFORMS, vol. 10(4), pages 352-368, December.
    10. Jorge González-Ortega & Refik Soyer & David Ríos Insua & Fabrizio Ruggeri, 2021. "An Adversarial Risk Analysis Framework for Batch Acceptance Problems," Decision Analysis, INFORMS, vol. 18(1), pages 25-40, March.
    11. Yan, Xihong & Ren, Xiaorong & Nie, Xiaofeng, 2022. "A budget allocation model for domestic airport network protection," Socio-Economic Planning Sciences, Elsevier, vol. 82(PB).
    12. Wei Wang & Francesco Di Maio & Enrico Zio, 2019. "Adversarial Risk Analysis to Allocate Optimal Defense Resources for Protecting Cyber–Physical Systems from Cyber Attacks," Risk Analysis, John Wiley & Sons, vol. 39(12), pages 2766-2785, December.
    13. Zhang, Chi & Ramirez-Marquez, José Emmanuel & Li, Qing, 2018. "Locating and protecting facilities from intentional attacks using secrecy," Reliability Engineering and System Safety, Elsevier, vol. 169(C), pages 51-62.
    14. E. S. Levine, 2012. "Estimating Conditional Probabilities of Terrorist Attacks: Modeling Adversaries with Uncertain Value Tradeoffs," Risk Analysis, John Wiley & Sons, vol. 32(2), pages 294-303, February.
    15. Konrad, Kai A., 2020. "Attacking and defending multiple valuable secrets in a big data world," European Journal of Operational Research, Elsevier, vol. 280(3), pages 1122-1129.
    16. Abdolmajid Yolmeh & Melike Baykal-Gürsoy, 2019. "Two-Stage Invest–Defend Game: Balancing Strategic and Operational Decisions," Decision Analysis, INFORMS, vol. 16(1), pages 46-66, March.
    17. Jasmin Wachter & Stefan Rass & Sandra König, 2018. "Security from the Adversary’s Inertia–Controlling Convergence Speed When Playing Mixed Strategy Equilibria," Games, MDPI, vol. 9(3), pages 1-15, August.
    18. Bose, Gautam & Konrad, Kai A., 2020. "Devil take the hindmost: Deflecting attacks to other defenders," Reliability Engineering and System Safety, Elsevier, vol. 204(C).
    19. Mohammad E. Nikoofal & Mehmet Gümüs, 2015. "On the value of terrorist’s private information in a government’s defensive resource allocation problem," IISE Transactions, Taylor & Francis Journals, vol. 47(6), pages 533-555, June.
    20. Zhang, Jing & Wang, Yan & Zhuang, Jun, 2021. "Modeling multi-target defender-attacker games with quantal response attack strategies," Reliability Engineering and System Safety, Elsevier, vol. 205(C).
