Download presentation
Presentation is loading. Please wait.
1
Cascading Attack Damage
2
What is the real cost of a cyber-attack? The cost of the service attacked may not reflect the real amount of damage. Many other services may rely on the attacked service, causing a cascade. How can we determine the real cost associated with the cascade?
3
JAC Defines Values, Dependencies, and Damage.
4
Values A Value defines an object in JAC. The Value is used to calculate the value of damage to an object.
5
Dependencies A dependency is defined between two objects with defined Values. The dependency of A on B is defined as the percentage of A that requires B.
6
Damage You attack an object by assigning it Damage. Damage is defined as the percentage of the object that is damaged.
7
System Architecture
8
Jess Rule Engine All objects are turned into Jess facts. Rules model the cascade effect.
9
JAC
10
Adding Values You can Add an Object to the Domain by adding a Value:
11
Adding Dependencies You can add a dependency between any two objects with defined Values.
12
Adding Dependancies You can provide a weight to the dependency. This weight is the percentage of the affect on the affected object.
13
Dependency Modeling JAC can provide a graphical model of your dependency structure.
14
Adding Damage You can attack any object with an assigned value by assigning it damage.
15
Adding Damage You assign damage as a percent of the attack object.
16
Removing Values, Affects, & Damage You can remove any value, dependency, or damage by selecting it and clicking the appropriate remove button.
17
Cascading Damage Once you have defined Values, Dependencies, and Added damage for at least one object in the domain, you can cascade the attack.
18
Cascading Damage
19
Damage is tracked, as well which dependencies cause the cascade.
20
Cascade Modeling JAC can provide a graphical representation of the damage cascade of an attack.
21
Cascading Damage The value of damage to each object is determined, as is total attack damage.
22
Future Work Detailed economic model for dependency coefficients. Compensation between dependencies. Temporal modeling. Java Bean representation of rules, allowing for flexibility in software architecture. Jess / Rete engine optimizations
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.