Back to Search
Start Over
Security Analysis Using Subjective Attack Trees
- Source :
- Innovative Security Solutions for Information Technology and Communications ISBN: 9783030692544, SECITC
- Publication Year :
- 2021
- Publisher :
- Springer International Publishing, 2021.
-
Abstract
- Subjective attack trees are an extension to traditional attack trees, proposed so to take uncertainty about likelihoods of security events into account during the modelling of security risk scenarios, using subjective opinions. This paper extends the work of subjective attack trees by allowing for the modelling of countermeasures, as well as conducting a comprehensive security and security investment analysis, such as risk measuring and analysis of profitable security investments. Our approach is evaluated against traditional attack trees. The results demonstrate the importance and advantage of taking uncertainty about probabilities into account. In terms of security investment, our approach seems to be more inclined to protect systems in presence of uncertainty (or lack of knowledge) about security events evaluations.
- Subjects :
- Risk analysis
Security analysis
Risk analysis (engineering)
Work (electrical)
Computer science
0202 electrical engineering, electronic engineering, information engineering
020206 networking & telecommunications
020201 artificial intelligence & image processing
Lack of knowledge
02 engineering and technology
Subjective logic
Investment (macroeconomics)
Investment analysis
Subjects
Details
- ISBN :
- 978-3-030-69254-4
- ISBNs :
- 9783030692544
- Database :
- OpenAIRE
- Journal :
- Innovative Security Solutions for Information Technology and Communications ISBN: 9783030692544, SECITC
- Accession number :
- edsair.doi...........743632a014dd8c77376359f7c2e30756