Visible to the public An Adversarial Risk-based Approach for Network Architecture Security Modeling and Design

TitleAn Adversarial Risk-based Approach for Network Architecture Security Modeling and Design
Publication TypeConference Paper
Year of Publication2018
AuthorsWortman, Paul A., Tehranipoor, Fatemeh, Chandy, John A.
Conference Name2018 International Conference on Cyber Security and Protection of Digital Services (Cyber Security)
Keywordsadversarial risk-based approach, computer network security, defender, monetary unit, network architecture security modeling design, network critical path design problem, Network Security Architecture, probability, pubcrawl, Resiliency, risk analysis, Secure network architecture, security metric, security metrics, security risk analysis, System security modeling
AbstractNetwork architecture design and verification has become increasingly complicated as a greater number of security considerations, implementations, and factors are included in the design process. In the design process, one must account for various costs of interwoven layers of security. Generally these costs are simplified for evaluation of risk to the network. The obvious implications of adding security are the need to account for the impacts of loss (risk) and accounting for the ensuing increased design costs. The considerations that are not traditionally examined are those of the adversary and the defender of a given system. Without accounting for the view point of the individuals interacting with a network architecture, one can not verify and select the most advantageous security implementation. This work presents a method for obtaining a security metric that takes into account not only the risk of the defender, but also the probability of an attack originating from the motivation of the adversary. We then move to a more meaningful metric based on a monetary unit that architects can use in choosing a best fit solution for a given network critical path design problem.
Citation Keywortman_adversarial_2018