http://www.cnr.it/ontology/cnr/individuo/prodotto/ID294134
On security countermeasures ranking through threat analysis (Contributo in atti di convegno)
- Type
- Label
- On security countermeasures ranking through threat analysis (Contributo in atti di convegno) (literal)
- Anno
- 2014-01-01T00:00:00+01:00 (literal)
- Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#doi
- 10.1007/978-3-319-10557-4_27 (literal)
- Alternative label
Nostro N., Matteucci I., Ceccarelli A., Di Giandomenico D. G., Martinelli F., Bondavalli A. (2014)
On security countermeasures ranking through threat analysis
in Computer Safety, Reliability, and Security - SAFECOMP 2014 Workshops: ASCoMS, DECSoS, DEVVARTS, ISSE, ReSA4CI, SASSUR., Firenze, Italy, 8-9 Sept 2014
(literal)
- Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#autori
- Nostro N., Matteucci I., Ceccarelli A., Di Giandomenico D. G., Martinelli F., Bondavalli A. (literal)
- Pagina inizio
- Pagina fine
- Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#altreInformazioni
- Progetto: Protecting National Critical Infrastructures from Cyber Threats;
Acronimo: TENACE (literal)
- Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#url
- http://link.springer.com/chapter/10.1007%2F978-3-319-10557-4_27# (literal)
- Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#volumeInCollana
- Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#pagineTotali
- Note
- ISI Web of Science (WOS) (literal)
- Scopu (literal)
- PuMa (literal)
- Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#affiliazioni
- CNR-ISTI, Pisa, Italy; CNR-IIT, Pisa, Italy; Università di Firenze, Italy; CNR-ISTI, Pisa, Italy; CNR-IIT, Pisa, Italy; Università di Firenze, Italy (literal)
- Titolo
- On security countermeasures ranking through threat analysis (literal)
- Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#isbn
- 978-3-319-10556-7 (literal)
- Http://www.cnr.it/ontology/cnr/pubblicazioni.owl#curatoriVolume
- Andrea Bondavalli, Andrea Ceccarelli, Frank Ortmeier (literal)
- Abstract
- Security analysis and design are key activities for the protection of critical systems and infrastructures. Traditional approaches consist first in applying a qualitative threat assessment that identifies the attack points. Results are then used as input for the security design such that appropriate countermeasures are selected. In this paper we propose a novel approach for the selection and ranking of security controlling strategies which is driven by quantitative threat analysis based on attack graphs. It consists of two main steps: i) a threat analysis, performed to evaluate attack points and paths identifying those that are feasible, and to rank attack costs from the perspective of an attacker; ii) controlling strategies, to derive the appropriate monitoring rules and the selection of countermeasures are evaluated, based upon the provided values and ranks. Indeed, the exploitation of such threat analysis allows to compare different controlling strategies and to select the one that fits better the given set of functional and security requirements. To exemplify our approach, we adopt part of an electrical power system, the Customer Energy Management System (CEMS), as reference scenario where the steps of threat analysis and security strategies are applied. © 2014 Springer International Publishing. (literal)
- Editore
- Prodotto di
- Autore CNR
- Insieme di parole chiave
Incoming links:
- Prodotto
- Autore CNR di
- Editore di
- Insieme di parole chiave di