Containment Strategy Formalism in a Probabilistic Threat Modelling Framework

Per Fahlander; Mathias Ekstedt; Preetam Mukherjee; Preetam Mukherjee; Ashish Dwivedi

doi:10.5220/0010823800003120

Containment Strategy Formalism in a Probabilistic Threat Modelling Framework

Per Fahlander, Mathias Ekstedt, Preetam Mukherjee, Preetam Mukherjee, Ashish Dwivedi

2022

Abstract

Foreseeing, mitigating and preventing cyber-attacks is more important than ever before. Advances in the field of probabilistic threat modelling can help organisations understand their own resilience profile against cyber-attacks. Previous research has proposed MAL, a meta language for capturing the attack logic of a considered domain and running attack simulations in a model that depicts the defended IT-infrastructure. While this modality is already somewhat established for proposing general threat mitigation actions, less is known about how to model containment strategies in the event that penetration already has occurred. The problem is a fundamental gap between predominant threat models in cyber-security research and containment in the incident response lifecycle. This paper presents a solution to the problem by summarizing a methodology for reasoning about containment strategies in MAL-based threat models.

Download

Paper Citation

in Harvard Style

Fahlander P., Ekstedt M., Mukherjee P. and Dwivedi A. (2022). Containment Strategy Formalism in a Probabilistic Threat Modelling Framework. In Proceedings of the 8th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-553-1, pages 108-120. DOI: 10.5220/0010823800003120

in Bibtex Style

@conference{icissp22,
author={Per Fahlander and Mathias Ekstedt and Preetam Mukherjee and Ashish Dwivedi},
title={Containment Strategy Formalism in a Probabilistic Threat Modelling Framework},
booktitle={Proceedings of the 8th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2022},
pages={108-120},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010823800003120},
isbn={978-989-758-553-1},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 8th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Containment Strategy Formalism in a Probabilistic Threat Modelling Framework
SN - 978-989-758-553-1
AU - Fahlander P.
AU - Ekstedt M.
AU - Mukherjee P.
AU - Dwivedi A.
PY - 2022
SP - 108
EP - 120
DO - 10.5220/0010823800003120