
Iterative selection of countermeasures for intelligent threat agents

Authors

  • Fabrizio Baiardi
  • Federico Tonelli
  • Alessandro Bertolini

Abstract

We describe a model‐based approach to select cost‐effective countermeasures for an information and communication technology infrastructure under attack by intelligent agents. Each agent tries to reach some predefined goals through a sequence of attacks. The proposed approach builds the models of the infrastructure and of the agents, and then it applies a Monte Carlo method that runs multiple, independent simulations of the agent attacks. These simulations produce a statistical sample that is used to assess the risk. The selection of countermeasures works in an iterative way where each iteration selects some countermeasures and applies the Monte Carlo method to evaluate any residual risk. In this way, it takes into account that an intelligent agent may select distinct attacks to replace those affected by the countermeasures. To improve cost effectiveness, the selection focuses on useful attacks to reach a goal. The Haruspex suite is an integrated set of tools to support this approach. Some of its tools build the models of the agents and the one of the system. Another tool uses these models to apply the Monte Carlo method and simulate the agent attacks. This tool is iteratively invoked by the one that selects countermeasures. We describe the adoption of the suite to assess and manage the risk of three industrial control systems. Copyright © 2015 John Wiley & Sons, Ltd.

Suggested Citation

  • Fabrizio Baiardi & Federico Tonelli & Alessandro Bertolini, 2015. "Iterative selection of countermeasures for intelligent threat agents," International Journal of Network Management, John Wiley & Sons, vol. 25(5), pages 340-354, September.
  • Handle: RePEc:wly:intnem:v:25:y:2015:i:5:p:340-354
    DOI: 10.1002/nem.1899


