Who Touched my Mission: Towards Probabilistic Mission Impact Assessment

Published: October 12, 2015

Author(s)

Xiaoyan Sun, Anoop Singhal, Peng Liu

Abstract

Cyber attacks inevitably generate impacts towards relevant missions. However, concrete methods to accurately evaluate such impacts are rare. In this paper, we propose a probabilistic approach based on Bayesian networks for quantitative mission impact assessment. A System Object Dependency Graph (SODG) is built to capture the intrusion propagation process at the low operating system level. On top of the SODG, a mission-task-asset (MTA) map can be established to associate the system objects with corresponding tasks and missions. Based on the MTA map, a Bayesian network can be constructed to leverage the collected intrusion evidence and infer the probabilities of tasks and missions being tainted. This approach is promising for effective quantitative mission impact assessment.
Proceedings Title: Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense (SafeConfig '15)
Conference Dates: October 12, 2015
Conference Location: Denver, CO
Conference Title: Workshop on Automated Decision Making for Active Cyber Defense (SafeConfig '15)
Pub Type: Conferences

Keywords

attack graphs, Bayesian networks, mission impact assessment, System Object Dependency Graph
Created October 12, 2015, Updated November 10, 2018