A New Bayesian Approach to Exploring Damaged Assets by Monitoring Mission Failures Caused by Undetected Attack

Shim, Shinwoo; Yoon, Ji Won

doi:10.1007/978-3-030-17982-3_15

Shinwoo Shim^16,17 &
Ji Won Yoon¹⁶

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11402))

Included in the following conference series:

International Workshop on Information Security Applications

590 Accesses

Abstract

Modern military systems operated with a complex of computers and software may have mission failure which is caused by undetected attacks. In such situations, it is important to find out which assets are damaged. After identifying damaged assets, we need to immediately examine the damaged assets to defend against the attacks. However, it is not straightforward to explore the damaged assets because there are the complicated relationships among assets, tasks and missions. In this paper, we propose an effective methodology to infer the damaged assets given observed mission impacts in a Bayesian framework. We used Bayesian networks to model assets, tasks, missions and to set the relationships among them. Our approach visually infers and identifies the damaged assets with the probability. We show that proposed Bayesian framework is practical and useful with the use case experiment.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

Bilge, L., Dumitras, T.: Before we knew it: an empirical study of zero-day attacks in the real world. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 833–844 (2012)
Google Scholar
Jakobson, G.: Mission cyber security situation assessment using impact dependency graphs. In: Proceedings of the 14th International Conference on Information Fusion, Chicago, IL (2011)
Google Scholar
Sun, X., Singhal, A., Liu, P.: Who touched my mission: towards probabilistic mission impact assessment. In: Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense, SafeConfig 2015, pp. 21–26, New York, NY, USA. ACM (2015)
Google Scholar
Motzek, A., Möller, R.: Context- and bias-free probabilistic mission impact assessment. Comput. Secur. 65(2017), 166–186 (2017)
Article Google Scholar
Holspopple, J., Yang, S.J.: Handling temporal and functional changes for mission impact assessment. In: Proceedings International Multidisciplinary Conference on Cognitive Methods in Situational Awareness and Decision Support (CogSIMA), San Diego (2013)
Google Scholar
Fortson, L.W.: Towards the development of a defensive cyber damage and mission impact methodology. AFIT Masters thesis, March 2007
Google Scholar
Pearl, J., Russell, S.: Bayesian networks. In: The Handbook of Brain Theory and Neural Networks, 2nd edn, pp. 157–160. MIT Press (2003)
Google Scholar
Munoz-Gonzalez, L., Sgandurra, D., Barrere, M., Lupu, E.C.: Exact inference techniques for the analysis of Bayesian attack graphs. IEEE Trans. Dependable Secur. Comput. 16, 231–244 (2017)
Article Google Scholar
Xie, P., Li, J.H., Ou, X., Liu, P., Levy, R.: Using Bayesian networks for cyber security analysis. In: 2010 IEEE/IFIP International Conference on Dependable Systems & Networks (DSN), Chicago, IL, pp. 211–220 (2010)
Google Scholar
Henrion, M.: Practical issues in constructing a Bayes’ belief network. In: Proceedings of Third Workshop on Uncertainty in AI, AAAI, Seattle, Washington, pp. 132–139, July 1987
Google Scholar
Nakhla, N., Perrett, K., McKenzie, C.: Automated computer network defense using ARMOUR: mission-oriented decision support and vulnerability mitigation. In: 2017 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (Cyber SA), London, pp. 1–8 (2017)
Google Scholar
FIRST Org. Inc.: Common Vulnerability Scoring System v3.0. Specification Document. https://www.first.org/cvss/
Murphy, K.: Bayes Net Toolbox for Matlab. https://www.cs.utah.edu/~tch/notes/matlab/bnt/docs/bnt_pre_sf.html. https://github.com/bayesnet/bnt

Download references

Author information

Authors and Affiliations

Graduate School of Information Security, Korea University, Seoul, Republic of Korea
Shinwoo Shim & Ji Won Yoon
Cyber Warfare R&D Lab, LIG Nex1 Co., Seongnam, Republic of Korea
Shinwoo Shim

Authors

Shinwoo Shim
View author publications
You can also search for this author in PubMed Google Scholar
Ji Won Yoon
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Ji Won Yoon .

Editor information

Editors and Affiliations

Korea Advanced Institute of Science and Technology, Daejeon, Korea (Republic of)
Brent ByungHoon Kang
Korea Advanced Institute of Science and Technology, Daejeon, Korea (Republic of)
JinSoo Jang

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Shim, S., Yoon, J.W. (2019). A New Bayesian Approach to Exploring Damaged Assets by Monitoring Mission Failures Caused by Undetected Attack. In: Kang, B., Jang, J. (eds) Information Security Applications. WISA 2018. Lecture Notes in Computer Science(), vol 11402. Springer, Cham. https://doi.org/10.1007/978-3-030-17982-3_15

Download citation

DOI: https://doi.org/10.1007/978-3-030-17982-3_15
Published: 12 April 2019
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-17981-6
Online ISBN: 978-3-030-17982-3
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics