Top Banner
Cascading Attack Damage
22

Cascading Attack Damage. What is the real cost of a cyber-attack? The cost of the service attacked may not reflect the real amount of damage. Many other.

Dec 20, 2015

Download

Documents

cascading damage slide

value of damage

damage cascade

cascading attack damage

jac slide

total attack damage

attack object

system architecture

Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Page 1: Cascading Attack Damage. What is the real cost of a cyber-attack? The cost of the service attacked may not reflect the real amount of damage. Many other.

Cascading Attack Damage

Page 2: Cascading Attack Damage. What is the real cost of a cyber-attack? The cost of the service attacked may not reflect the real amount of damage. Many other.

What is the real cost of a cyber-attack?

The cost of the service attacked may not reflect the real amount of damage.

Many other services may rely on the attacked service, causing a cascade.

How can we determine the real cost associated with the cascade?

Page 3: Cascading Attack Damage. What is the real cost of a cyber-attack? The cost of the service attacked may not reflect the real amount of damage. Many other.

JAC Defines Values, Dependencies, and

Damage.

Page 4: Cascading Attack Damage. What is the real cost of a cyber-attack? The cost of the service attacked may not reflect the real amount of damage. Many other.

Values A Value defines an object in JAC. The Value is used to calculate the value of

damage to an object.

Page 5: Cascading Attack Damage. What is the real cost of a cyber-attack? The cost of the service attacked may not reflect the real amount of damage. Many other.

Dependencies A dependency is defined between two

objects with defined Values. The dependency of A

on B is defined as the percentage of A that requires B.

Page 6: Cascading Attack Damage. What is the real cost of a cyber-attack? The cost of the service attacked may not reflect the real amount of damage. Many other.

Damage You attack an object by assigning it

Damage. Damage is defined as the percentage

of the object that is damaged.

Page 7: Cascading Attack Damage. What is the real cost of a cyber-attack? The cost of the service attacked may not reflect the real amount of damage. Many other.

System Architecture

Remote Java Beans (planned)

GUI “Thick” Clients

WebServlet

Jess RuleEngine

EconomicDamage

Coefficient Model

Local Java Beans (planned)

RMI

Rete EngineQueries

Parsing / RuleGenerator

Web “Thin” Clients (planned)

Page 8: Cascading Attack Damage. What is the real cost of a cyber-attack? The cost of the service attacked may not reflect the real amount of damage. Many other.

Jess Rule Engine All objects are turned into Jess facts. Rules model the cascade effect.

Page 9: Cascading Attack Damage. What is the real cost of a cyber-attack? The cost of the service attacked may not reflect the real amount of damage. Many other.

JAC

Page 10: Cascading Attack Damage. What is the real cost of a cyber-attack? The cost of the service attacked may not reflect the real amount of damage. Many other.

Adding Values You can Add an Object to the Domain by

adding a Value:

Page 11: Cascading Attack Damage. What is the real cost of a cyber-attack? The cost of the service attacked may not reflect the real amount of damage. Many other.

Adding Dependencies You can add a dependency between any

two objects with defined Values.

Page 12: Cascading Attack Damage. What is the real cost of a cyber-attack? The cost of the service attacked may not reflect the real amount of damage. Many other.

Adding Dependancies You can provide a weight to the

dependency. This weight is the percentage of the affect on the affected object.

Page 13: Cascading Attack Damage. What is the real cost of a cyber-attack? The cost of the service attacked may not reflect the real amount of damage. Many other.

Dependency Modeling JAC can provide a graphical

model of your dependency structure.

Page 14: Cascading Attack Damage. What is the real cost of a cyber-attack? The cost of the service attacked may not reflect the real amount of damage. Many other.

Adding Damage You can attack any object with an assigned

value by assigning it damage.

Page 15: Cascading Attack Damage. What is the real cost of a cyber-attack? The cost of the service attacked may not reflect the real amount of damage. Many other.

Adding Damage You assign damage as a percent of the

attack object.

Page 16: Cascading Attack Damage. What is the real cost of a cyber-attack? The cost of the service attacked may not reflect the real amount of damage. Many other.

Removing Values, Affects, & Damage

You can remove any value, dependency, or damage by selecting it and clicking the appropriate remove button.

Page 17: Cascading Attack Damage. What is the real cost of a cyber-attack? The cost of the service attacked may not reflect the real amount of damage. Many other.

Cascading Damage Once you have defined Values,

Dependencies, and Added damage for at least one object in the domain, you can cascade the attack.

Page 18: Cascading Attack Damage. What is the real cost of a cyber-attack? The cost of the service attacked may not reflect the real amount of damage. Many other.

Cascading Damage

Page 19: Cascading Attack Damage. What is the real cost of a cyber-attack? The cost of the service attacked may not reflect the real amount of damage. Many other.

Cascading Damage Damage is tracked, as well which

dependencies cause the cascade.

Page 20: Cascading Attack Damage. What is the real cost of a cyber-attack? The cost of the service attacked may not reflect the real amount of damage. Many other.

Cascade Modeling JAC can provide a graphical representation

of the damage cascade of an attack.

Page 21: Cascading Attack Damage. What is the real cost of a cyber-attack? The cost of the service attacked may not reflect the real amount of damage. Many other.

Cascading Damage The value of damage to each object is

determined, as is total attack damage.

Page 22: Cascading Attack Damage. What is the real cost of a cyber-attack? The cost of the service attacked may not reflect the real amount of damage. Many other.

Future Work Detailed economic model for dependency

coefficients. Compensation between dependencies. Temporal modeling. Java Bean representation of rules, allowing

for flexibility in software architecture. Jess / Rete engine optimizations


Related Documents
Repeat Calls - Assessing the Damage and Calculating the Cost

Repeat Calls - Assessing the Damage and Calculating the Cost

Category: Business
Minimum-Cost Network Hardening Using Attack …users.encs.concordia.ca/~wang/minij.pdfMinimum-Cost Network Hardening Using Attack Graphs Lingyu Wang, Steven Noel, Sushil Jajodia Center

Minimum-Cost Network Hardening Using Attack...

Category: Documents
Probabilistic Benefit-Cost Analysis for Earthquake Damage ......Probabilistic Benefit-Cost Analysis for Earthquake Damage Mitigation: Evaluating Measures for Apartment Houses in Turkey

Probabilistic Benefit-Cost Analysis for Earthquake Damage...

Category: Documents
EDISTO BEACH COASTAL STORM DAMAGE … STORM DAMAGE REDUCTION GENERAL INVESTIGATION STUDY . ... Construction Cost Estimating Guide for Civil Works, ... Civil Works Cost …

EDISTO BEACH COASTAL STORM DAMAGE … STORM DAMAGE REDUCTION...

Category: Documents
NTRU Prime: reducing attack surface at low cost · 2017. 8. 17. · NTRU Prime: reducing attack surface at low cost Daniel J. Bernstein1, Chitchanok Chuengsatiansup2, Tanja Lange

NTRU Prime: reducing attack surface at low cost · 2017. 8....

Category: Documents
The Cost of DDoS Attack: Risk Assessment, Mitigation and Protection for Businesses

The Cost of DDoS Attack: Risk Assessment, Mitigation and...

Category: Technology
Economic Analysis Flood Damage Reduction Cost Benefits · Economic Analysis – Flood Damage Reduction Cost Benefits ... (Tables 11a & 11b) ... Bank Stabilization Costs and FEMA-based

Economic Analysis Flood Damage Reduction Cost Benefits ·.....

Category: Documents
BCA Data Documentation Template – Damage · Web viewBenefit-Cost Analysis (BCA) Data Documentation Template – Damage-Frequency Assessment FEMA reviews Benefit-Cost Analyses (BCAs)

BCA Data Documentation Template – Damage · Web...

Category: Documents
Chris Carlson’s Variable Damage Effects - Clash of Armsclashofarms.com/files/Variable_Damage_Effects.pdf · Variable Damage Effects in Naval ... Attack/Engage! ... – Often referred

Chris Carlson’s Variable Damage Effects - Clash of...

Category: Documents
Werewolf The Apocalypse - nerdarchy.com€¦Weapon/Attack Diff. Damage Range Rate Ammo Conceal Combat _____OOOOO Other Traits _____ ...

Werewolf The Apocalypse - nerdarchy.com€¦Weapon/Attack...

Category: Documents
Water Damage Cleanup Services Cost | emergencyfloodservices.ca

Water Damage Cleanup Services Cost |...

Category: Business
Damage Cost Modeling

Damage Cost Modeling

Category: Documents