1 / 9

An Active Defense Decision Model

An Active Defense Decision Model. Sergio Caltagirone Major Professor: Deborah Frincke, PhD University of Idaho scaltagi@acm.org. Purpose of Research. Provide a generalizable, extendable model for any organization Completely model the risk of the threat and AD actions

fbarone
Télécharger la présentation

An Active Defense Decision Model

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. An Active Defense Decision Model Sergio Caltagirone Major Professor: Deborah Frincke, PhD University of Idaho scaltagi@acm.org Sergio Caltagirone University of Idaho

  2. Purpose of Research • Provide a generalizable, extendable model for any organization • Completely model the risk of the threat and AD actions • Find best active defense solution for the threat (allow for automation) • Provide legal (and ethical) due diligence • Why? • Current tools are inefficient and sometimes critically ineffective • Model is technologically independent • *** Fear *** Sergio Caltagirone University of Idaho

  3. Stages of An Active Defense Sergio Caltagirone University of Idaho

  4. The Model Escalation Ladder AD Policy Asset Evaluation Action Evaluation Graph Asset Identification Goal Identification Risk Identification Shortest Path Threat Identification Action Identification Utility Modifier Contingency Plan Risk Identification Action Classification Success Ordering Sergio Caltagirone University of Idaho

  5. Example Scoring Chart Sergio Caltagirone University of Idaho

  6. Asset (A1): Student Records Database Confidentiality Threats Threat (TC-1): Outsider gains access and copies sensitive data FINAL SCORE: Legal Risks Score Probability Score * Prob L1: National Security Risks NS1: Students’ social security number are released Financial Risks F1: Loss of tuition 5 .8 4 F2: Loss of financial donations 7 .4 2.8 Ethical Consequences EC1: Example Asset Evaluation Sergio Caltagirone University of Idaho

  7. Threat: TA-1 Goal: Stop the ongoing DoS attack while preserving access to the database behind the campus firewall Stage 1 Actions Act1: Risk Score: Success Order: Legal Score Prob S * P National Security Financial E. Consequences E. Actions Stage 2 Actions Example Action Evaluation Sergio Caltagirone University of Idaho

  8. Example Escalation Ladder Graph Stage 0 Stage 1 Stage 2 …. Stage n Act1/7 Act4/2 V/0 Act2/-1 Act5/3 U/0 Act3/2 Act6/1 Vertex Cost = Risk(Action) – Risk(Threat) – Success(Action) Sergio Caltagirone University of Idaho

  9. Final Thoughts • Current Work: • Complete this paper (currently in draft form) • Where does the algorithm stop other than at threat mitigation? (total risk) • Examples need work • Final Analysis • Future Work: • Implement in an IDS or automated fashion • Usability studies on potential model interfaces • Questions? Sergio Caltagirone University of Idaho

More Related