Authors: Edge K.S., Dalton G.C., Raines R.A. and Mills R.F. Affiliation: Air Force Inst. of Technol. Published by: Military Communications Conference,

Presentation transcript:

Authors: Edge K.S., Dalton G.C., Raines R.A. and Mills R.F.
Affiliation: Air Force Inst. of Technol.
Published by: Military Communications Conference, MILCOM IEEE
Presented by Yean-Ru Chen, Dec. 23, 2011
Using attack and protection trees to analyze threats and defenses to homeland security

Outline
• Introduction & Motivation
• Attack Trees
• Metrics
• Protection Trees
• Homeland Security Information Network (HSIN) Example and Results & Analysis
• Conclusions

Introduction & Motivation
• To provide a reliable, cost-effective (with limited resources) method to decide how best to protect a critical system from attackers.
• Use attack trees to find the vulnerabilities, and use protection trees to defend against attacks successfully and appropriately.

Attack Trees
• Also called Threat Logic Trees (TLT).
• Tree structure with child nodes having AND or OR relationships.
• Root node: attacker's goal
  • Can be further decomposed into sub-goals
• Leaf nodes: individual attacker actions (which attackers can actually control)
[Figure labels: AND; OR]

Metrics
• Attack Tree

Metrics
• P: probability of success (the attack succeeds)
  • Obtained by either analyst estimation or historical data
• Cost: cost to carry out a certain attack/the sub-goal/the goal
  • Obtained by either analyst estimation or historical data
• Impact: impact to the system
• Risk: calculated using the other metrics

Metrics


• The parent of nodes with an OR relationship always has a higher probability of success than any of the child nodes.
• The parent node of children with an AND relationship always has a lower probability of success than the highest (? lowest) probability child node.
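The two rules above, worked through as an added example that is not taken from the slides or the paper. It assumes the child events are independent, so an AND node multiplies its children's probabilities and an OR node is one minus the product of their complements; under that assumption an AND parent is never above its lowest child. The tree, node names and probabilities are constructed.

```python
from dataclasses import dataclass, field
from math import prod

@dataclass
class Node:
    name: str
    gate: str = "LEAF"   # "AND", "OR" or "LEAF"
    p: float = 0.0       # leaf only: estimated probability of success
    children: list = field(default_factory=list)

def success_probability(node):
    """Propagate P from the leaves up, assuming independent child events."""
    if node.gate == "LEAF":
        return node.p
    child_p = [success_probability(c) for c in node.children]
    if node.gate == "AND":   # every child must succeed
        return prod(child_p)
    if node.gate == "OR":    # at least one child succeeds
        return 1.0 - prod(1.0 - q for q in child_p)
    raise ValueError(f"unknown gate {node.gate!r}")

def bounds_hold(node):
    """Check both rules at every internal node: OR >= max child, AND <= min child."""
    if node.gate == "LEAF":
        return True
    child_p = [success_probability(c) for c in node.children]
    parent = success_probability(node)
    ok = parent >= max(child_p) if node.gate == "OR" else parent <= min(child_p)
    return ok and all(bounds_hold(c) for c in node.children)

def build_tree(p_phish=0.4):
    """Constructed sample tree; names and probabilities are illustrative."""
    creds = Node("obtain credentials", "OR", children=[
        Node("phish an operator", p=p_phish),
        Node("guess a weak password", p=0.2)])
    return Node("read protected data", "AND", children=[
        creds, Node("reach the login portal", p=0.9)])

if __name__ == "__main__":
    before = build_tree()
    after = build_tree(p_phish=0.1)   # a protection lowers one leaf's probability
    print(round(success_probability(before), 3), bounds_hold(before))
    print(round(success_probability(after), 3), bounds_hold(after))
```

Lowering a single leaf estimate and recomputing the root is the same before/after comparison a protection tree is used for, here restricted to the probability metric.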

Protection Trees
• Compared with attack tree: also AND/OR type tree structures
• Protection trees can yield an analysis of where protections should be placed in order to get the greatest protection for the least expenditure of resources.
• The root node of a protection tree directly corresponds with the root node in an attack tree, but the rest of the tree's structure may differ widely.

• OR in attack tree → AND in protection tree
• There is not always a one-to-one correspondence between nodes in the attack tree and the protection tree.


Homeland Security Information Network (HSIN) Example and Results & Analysis
For example: we have only $25K of resources available to use in protecting the JRIES system.
[Figure labels: Highest Risk; Attack Tree; Protection Tree]

We choose the cheapest one to protect the server.
[Figure labels: cheaper one; Protection Tree]


Finally, they use 22k to reduce the probability of success, so that the attacker has to spend a lot of money to attack.
[Figure labels: Before; After]

Conclusions
• This paper has shown how attack and protection trees can be used to analyze a system's vulnerabilities and determine where to place appropriate protections in a logical manner.
• Metrics that can be used in attack and protection trees were introduced and operators for the metrics were developed.
