Haruspex is a suite of tools to assess and manage the risk posed by an information and communication technology system. The suite is built around the application of a Monte Carlo method to a scenario where intelligent agents implement chains of attacks to reach their goals. Some tools build a description of the agents, the target system, its vulnerabilities and the resulting attacks. Another tool applies a Monte Carlo method to this description, simulates the building of attack chains by the agents and it returns a database with samples it collects in the simulations. Further tools analyze this database to select countermeasures. To validate the suite and verify it truthfully models attackers, it has been adopted in Locked Shield 2014, a network defense exercise with participants from 17 nations. The results of this exercise validate the designs of the tools.
Assessing and Managing Risk by Simulating Attack Chains
BAIARDI, FABRIZIOMembro del Collaboration Group
;TONELLI, FEDERICOMembro del Collaboration Group
;
2016-01-01
Abstract
Haruspex is a suite of tools to assess and manage the risk posed by an information and communication technology system. The suite is built around the application of a Monte Carlo method to a scenario where intelligent agents implement chains of attacks to reach their goals. Some tools build a description of the agents, the target system, its vulnerabilities and the resulting attacks. Another tool applies a Monte Carlo method to this description, simulates the building of attack chains by the agents and it returns a database with samples it collects in the simulations. Further tools analyze this database to select countermeasures. To validate the suite and verify it truthfully models attackers, it has been adopted in Locked Shield 2014, a network defense exercise with participants from 17 nations. The results of this exercise validate the designs of the tools.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
