A New Bayesian Approach to Exploring Damaged Assets by Monitoring Mission Failures Caused by Undetected Attack

  • Shinwoo Shim
  • Ji Won YoonEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11402)


Modern military systems operated with a complex of computers and software may have mission failure which is caused by undetected attacks. In such situations, it is important to find out which assets are damaged. After identifying damaged assets, we need to immediately examine the damaged assets to defend against the attacks. However, it is not straightforward to explore the damaged assets because there are the complicated relationships among assets, tasks and missions. In this paper, we propose an effective methodology to infer the damaged assets given observed mission impacts in a Bayesian framework. We used Bayesian networks to model assets, tasks, missions and to set the relationships among them. Our approach visually infers and identifies the damaged assets with the probability. We show that proposed Bayesian framework is practical and useful with the use case experiment.


Mission Impact Assessment Bayesian network Cyber warfare 


  1. 1.
    Bilge, L., Dumitras, T.: Before we knew it: an empirical study of zero-day attacks in the real world. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 833–844 (2012)Google Scholar
  2. 2.
    Jakobson, G.: Mission cyber security situation assessment using impact dependency graphs. In: Proceedings of the 14th International Conference on Information Fusion, Chicago, IL (2011)Google Scholar
  3. 3.
    Sun, X., Singhal, A., Liu, P.: Who touched my mission: towards probabilistic mission impact assessment. In: Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense, SafeConfig 2015, pp. 21–26, New York, NY, USA. ACM (2015)Google Scholar
  4. 4.
    Motzek, A., Möller, R.: Context- and bias-free probabilistic mission impact assessment. Comput. Secur. 65(2017), 166–186 (2017)CrossRefGoogle Scholar
  5. 5.
    Holspopple, J., Yang, S.J.: Handling temporal and functional changes for mission impact assessment. In: Proceedings International Multidisciplinary Conference on Cognitive Methods in Situational Awareness and Decision Support (CogSIMA), San Diego (2013)Google Scholar
  6. 6.
    Fortson, L.W.: Towards the development of a defensive cyber damage and mission impact methodology. AFIT Masters thesis, March 2007Google Scholar
  7. 7.
    Pearl, J., Russell, S.: Bayesian networks. In: The Handbook of Brain Theory and Neural Networks, 2nd edn, pp. 157–160. MIT Press (2003)Google Scholar
  8. 8.
    Munoz-Gonzalez, L., Sgandurra, D., Barrere, M., Lupu, E.C.: Exact inference techniques for the analysis of Bayesian attack graphs. IEEE Trans. Dependable Secur. Comput. 16, 231–244 (2017)CrossRefGoogle Scholar
  9. 9.
    Xie, P., Li, J.H., Ou, X., Liu, P., Levy, R.: Using Bayesian networks for cyber security analysis. In: 2010 IEEE/IFIP International Conference on Dependable Systems & Networks (DSN), Chicago, IL, pp. 211–220 (2010)Google Scholar
  10. 10.
    Henrion, M.: Practical issues in constructing a Bayes’ belief network. In: Proceedings of Third Workshop on Uncertainty in AI, AAAI, Seattle, Washington, pp. 132–139, July 1987Google Scholar
  11. 11.
    Nakhla, N., Perrett, K., McKenzie, C.: Automated computer network defense using ARMOUR: mission-oriented decision support and vulnerability mitigation. In: 2017 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (Cyber SA), London, pp. 1–8 (2017)Google Scholar
  12. 12.
    FIRST Org. Inc.: Common Vulnerability Scoring System v3.0. Specification Document.
  13. 13.

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Graduate School of Information SecurityKorea UniversitySeoulRepublic of Korea
  2. 2.Cyber Warfare R&D Lab, LIG Nex1 Co.SeongnamRepublic of Korea

Personalised recommendations