Ranking assets based on criticality and adversarial interest

PDF

Authors
  1. Kellett, M.
Corporate Authors
Defence Research and Development Canada, Ottawa Research Centre, Ottawa ON (CAN)
Abstract
We propose an approach to ranking computer network assets based on their criticality to an organization’s current operations and business functions and their strategic importance to the organization’s adversaries. An asset’s criticality is a measure of its current importance to the organization, while an adversary’s interest in the asset is a measure of its current importance to the adversary and, therefore, its future importance to the organization. We adapt techniques from existing work on asset criticality for use by a national defence organization. We also adapt these techniques to produce an adversarial interest score. We propose solutions for calculating these scores at the asset and the unit level and hybrid variants of both. We discuss options for combining asset criticality and adversarial interest scores to produce a list of assets or units ranked in order of their importance to the organization. The adversarial interest score can be used as an input to course-of-action recommendation algorithms. The combined ranked list of assets can be used by cyber defenders to prioritize the protection of assets within an organization.

Il y a un résumé en français ici.

Keywords
adversarial interest;asset criticality;technique for ordered preference by similarity to ideal solution (TOPSIS)
Report Number
DRDC-RDDC-2016-R168 — Scientific Report
Date of publication
01 Aug 2016
Number of Pages
62
DSTKIM No
CA043193
CANDIS No
804488
Format(s):
Electronic Document(PDF)

Permanent link

Document 1 of 1

Date modified: