TY - GEN
T1 - Threat risk analysis for cloud security based on attack-defense trees
AU - Wang, Ping
AU - Lin, Wen Hui
AU - Kuo, Pu Tsun
AU - Lin, Hui Tang
AU - Wang, Tzu Chia
PY - 2012/10/8
Y1 - 2012/10/8
N2 - The existing attack trees and attack graphs schemes focused on depicting the possible intrusions by presenting the suspected attack profiles, not for interactions between threats and defenses. Consequently, it limits the adoption of the safeguards with which to select the effective defensive strategies. Accordingly, the present study proposes a new method for solving threat risk analysis problem by means of modified Attack-Defense Trees (ADT) considering the effect of both the attack cost and defense cost. The effectiveness of the proposed approach was evaluated by a set of metrics for mitigating new network threats, like APT attacks. In addition, an illustration case of threat risk analysis of cloud security is given to demonstrate our approach. Finally, the adaptability of the proposed scheme is investigated by the attributes comparison with that of the scheme presented by Edge et al. (2007). Overall, our approach provides an effective means of reconstructing the attack profiles and evaluating the countermeasures in the evolutional process of security management for cloud security.
AB - The existing attack trees and attack graphs schemes focused on depicting the possible intrusions by presenting the suspected attack profiles, not for interactions between threats and defenses. Consequently, it limits the adoption of the safeguards with which to select the effective defensive strategies. Accordingly, the present study proposes a new method for solving threat risk analysis problem by means of modified Attack-Defense Trees (ADT) considering the effect of both the attack cost and defense cost. The effectiveness of the proposed approach was evaluated by a set of metrics for mitigating new network threats, like APT attacks. In addition, an illustration case of threat risk analysis of cloud security is given to demonstrate our approach. Finally, the adaptability of the proposed scheme is investigated by the attributes comparison with that of the scheme presented by Edge et al. (2007). Overall, our approach provides an effective means of reconstructing the attack profiles and evaluating the countermeasures in the evolutional process of security management for cloud security.
UR - http://www.scopus.com/inward/record.url?scp=84867026054&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84867026054&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:84867026054
SN - 9788988678671
T3 - Proceedings - 2012 8th International Conference on Computing Technology and Information Management, ICCM 2012
SP - 106
EP - 111
BT - Proceedings - 2012 8th International Conference on Computing Technology and Information Management, ICCM 2012
T2 - 2012 8th International Conference on Computing Technology and Information Management, ICCM 2012
Y2 - 24 April 2012 through 26 April 2012
ER -