Multi-objective decision support for IT security control selection

Elmar Kiesling, Andreas Ekelhart, Bernhard Grill, Christine Strauss, Christian Stummer

Veröffentlichungen: Beitrag in BuchBeitrag in Konferenzband

Abstract

Identifying an optimal sets of security controls to protect complex information
systems is a challenging problem. The aim of the research project MOSES3 is to develop and implement a framework that supports decision-makers in this task. Our approach rests upon comprehensive modeling of security knowledge, dynamic attack tree generation techniques, discrete event simulation of sophisticated attacks that exploit emergent weaknesses, and multi-objective optimization of security
control portfolios. In our talk we outline the overall framework and present preliminary results.
OriginalspracheEnglisch
TitelEURO|INFORMS 26th EUROPEAN CONFERENCE ON OPERATIONAL RESEARCH MMXIIRoME
ErscheinungsortRome, Italy
Seiten253
PublikationsstatusVeröffentlicht - 2013

ÖFOS 2012

  • 102016 IT-Sicherheit
  • 107007 Risikoforschung
  • 101015 Operations Research

Schlagwörter

  • CMI
  • BWL

Zitationsweisen