A Novel Threat and Risk Assessment Mechanism for Security Controls in Service Management

Ping Wang*, Kuo-Ming Chao, Chi-Chun Lo

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

2 Scopus citations

Abstract

Most existing Threat and Risk Assessment (TRA) schemes for cloud services use a converse thinking approach to develop theoretical solutions for minimizing the risk of security breeches at a minimal cost. However, to support rational management decisions, TRA schemes require a careful analysis of the trade-off between the residual risk and the Return on Investment (ROI) given prescribed budget and time constraints. Accordingly, the present study proposes an improved Attack-Defense Tree mechanism designated as iADTree, for solving the TRA problem in cloud computing environments. The proposed scheme enables defenders to identify appropriate countermeasures in accordance with three different defensive strategies associated with the organization's security policy. In implementing the proposed scheme, a sandbox technique is used to examine the attack profile and attack probability of various forms of cyber attacks. The cost and residual risk of various defensive strategies are then evaluated and presented to the defender as a set of recommendations. Defense evaluation metrics for each node for probabilistic analysis is used to simulate the attack results. The simulations focus specifically on the attack profile of botnet to the threat risk assessment. The validity of the proposed approach is demonstrated by simulating the TRA process for a Zeus botnet attack. Overall, the results show that iADTree provides an effective means of modeling the interaction process between the attacker and the defender, analyzing the risk at each node of the tree given various defensive strategies, and developing cost-effective countermeasures for mitigating the network threat.
Original languageEnglish
Title of host publication2013 IEEE 10TH INTERNATIONAL CONFERENCE ON E-BUSINESS ENGINEERING (ICEBE)
Pages337-344
DOIs
StatePublished - 2013
Event2013 IEEE 10th International Conference on e-Business Engineering, ICEBE 2013 - Coventry, United Kingdom
Duration: 11 Sep 201313 Sep 2013

Publication series

Name2013 IEEE 10TH INTERNATIONAL CONFERENCE ON E-BUSINESS ENGINEERING (ICEBE)

Conference

Conference2013 IEEE 10th International Conference on e-Business Engineering, ICEBE 2013
CountryUnited Kingdom
CityCoventry
Period11/09/1313/09/13

Keywords

  • Cloud services; Threat and Risk Assessment; Attack profile; Attack-Defense Tree

Fingerprint Dive into the research topics of 'A Novel Threat and Risk Assessment Mechanism for Security Controls in Service Management'. Together they form a unique fingerprint.

Cite this