Iterative selection of countermeasures for intelligent threat agents

We describe a model-based approach to select cost-effective countermeasures for an information and communication technology infrastructure under attack by intelligent agents. Each agent tries to reach some predefined goals through a sequence of attacks. The proposed approach builds the models of the infrastructure and of the agents, and then it applies a Monte Carlo method that runs multiple, independent simulations of the agent attacks. These simulations produce a statistical sample that is used to assess the risk. The selection of countermeasures works in an iterative way where each iteration selects some countermeasures and applies the Monte Carlo method to evaluate any residual risk. In this way, it takes into account that an intelligent agent may select distinct attacks to replace those affected by the countermeasures. To improve cost effectiveness, the selection focuses on useful attacks to reach a goal. The Haruspex suite is an integrated set of tool to support this approach. Some of its tools build the models of the agents and the one of the system. Another tool uses these models to apply the Monte Carlo method and simulate the agent attacks. This tool is iteratively invoked by the one that select countermeasures. We describe the adoption of the suite to assess and manage the risk of three industrial control systems