Abstract:
The scale and complexity of cyber threats in digital enterprises hamper operators' ability to gather, prioritize and rationalize which security controls requirements shou...Show MoreMetadata
Abstract:
The scale and complexity of cyber threats in digital enterprises hamper operators' ability to gather, prioritize and rationalize which security controls requirements should be handled first to achieve rapid risk reduction. This paper presents a cyber digital twin, based on attack graph analytics, that automatically gathers and prioritizes security controls requirements at scale over active networks. The first-of-a-kind twin collects information about the computer network, associates it with attack tactics, measures the efficiency of implemented security controls requirements and automatically detects missing security controls. The twin also evaluates a cyber risk value using the attack graph and proposes prioritization of the detected requirements to rapidly reduce risk within existing system constraints. The cyber digital twin simulator offers several new risk reduction methods for automatically selecting security controls requirements. The necessary data for constructing a contextual cyber digital twin is defined, including the relationship between security controls and attack tactics. The paper illustrates the calculations used for ranking security controls' risk impact, the algorithm for security controls' requirements prioritization, and finally demonstrates successful results using a field experiment conducted via an active network.
Date of Conference: 31 August 2020 - 04 September 2020
Date Added to IEEE Xplore: 09 October 2020
ISBN Information: