Countermeasure Selection in Security Management Systems
Abstract
Purpose: Manual processing of security-related information can result in omitting important aspects and, ultimately, in taking inefficient countermeasures. The aim of this research is to automate countermeasure selection through the processing of security-related information.
Results: A technique is developed for countermeasure selection in the process of managing security information and events. The technique is based on a newly proposed integrated system of security metrics representing the security state of the system. For countermeasure selection, the system of security metrics is extended with an additional level of decision support. The new level is based on metrics of countermeasure effectiveness. The key features of the proposed technique include using graphs of attacks and service dependencies, applying the suggested countermeasures and security metrics, and the ability to give a countermeasure decision at any time, according to the current information on security state and events.
Practical relevance: The developed technique can help to improve the efficiency of decision-making in security information and event management systems.
Published
2015-06-01
How to Cite
Kotenko, I., & Doynikova, E. (2015). Countermeasure Selection in Security Management Systems. Information and Control Systems, (3), 60-69. https://doi.org/10.15217/issn1684-8853.2015.3.60
Section
Information security