Threat risk analysis for cloud security based on Attack-Defense Trees

Ping Wang, Hui Tang Lin, Tzu Chia Wang, Wen Hui Lin, Pu Tsun Kuo

Research output: Contribution to journal (Article)

Abstract

To effectively counter network attacks by hackers, defenders have developed various threat risk analysis approaches for identifying the intruder attack profile, locating the system vulnerabilities, evaluating the attack cost, and determining the potential impact cost. However, existing attack-tree and attack-graph methods focus only on the attack profile. That is, they ignore the interactions between the actions of the attacker and those of the defender. As a result, they limit the ability of the defender to identify suitable defense strategies. Consequently, the present study revises an Attack-Defense Tree (ADT) approach to develop a new threat risk analysis scheme which considers both the attack cost and the defense cost. A set of metrics is proposed for evaluating the effectiveness of the proposed approach in the context of an Advanced Persistent Threat (APT) attack. Finally, the proposed approach is demonstrated by performing a threat risk analysis of a typical cloud security application.

Original language: English
Pages (from-to): 607-617
Number of pages: 11
Journal: International Journal of Advancements in Computing Technology
Volume: 4
Issue number: 17
Publication status: Published - 2012 Sep 1

All Science Journal Classification (ASJC) codes

  • Computer Science (all)
