%0 Conference Proceedings
%T Ex-SDF: an extended service dependency framework for intrusion impact assessment
%+ Département Logique des Usages, Sciences sociales et Sciences de l'Information (LUSSI)
%+ Orange Labs [Caen]
%+ Laboratoire des sciences et techniques de l'information, de la communication et de la connaissance (UMR 3192) (Lab-STICC)
%+ Lab-STICC_TB_CID_SFIIS
%+ Télécom SudParis (TSP)
%A Kheir, Nizar
%A Cuppens-Bouhlahia, Nora
%A Cuppens, Frédéric
%A Debar, Hervé
%< avec comité de lecture
%Z 10481
%( IFIP Advances in Information and Communication Technology
%B 25th IFIP TC 11 International Information Security Conference (SEC) / Held as Part of World Computer Congress (WCC)
%C Brisbane, Australia
%Y Kai Rannenberg; Vijay Varadharajan; Christian Weber
%I Springer
%3 Security and Privacy - Silver Linings in the Cloud
%V AICT-330
%P 148-160
%8 2010-09-20
%D 2010
%R 10.1007/978-3-642-15257-3_14
%K Intrusion detection
%K Intrusion response
%Z Computer Science [cs]/Cryptography and Security [cs.CR]
%Z Computer Science [cs]/Networking and Internet Architecture [cs.NI]Conference papers
%X Information systems are increasingly dependent on highly distributed architectures that include multiple dependencies. Even basic attacks like script-kiddies have drastic effects on target systems as they easily spread through existing dependencies. Unless intrusion effects are accurately assessed, response systems will still be blinded when selecting optimal responses. In fact, using only response costs as a basis to select responses is still meaningless if not compared to intrusion costs. While conventional responses provoke mostly availability impacts, intrusions affect confidentiality, integrity and availability.This paper develops an approach to assess intrusion impacts on IT systems. It uses service dependencies as frames for propagating impacts. It goes beyond existing methods which mostly use dependability analysis techniques. It explores service privileges as being the main targets for attackers, and the tunable parameters for intrusion response. The approach presented in this paper is implemented as a simulation-based framework and demonstrated for the example of a vehicle reservation service.
%G English
%L hal-00565624
%U https://hal.science/hal-00565624
%~ UNIV-BREST
%~ INSTITUT-TELECOM
%~ CNRS
%~ UNIV-UBS
%~ TELECOM-BRETAGNE
%~ TELECOM-SUDPARIS
%~ IFIP
%~ IFIP-AICT
%~ IFIP-AICT-330
%~ LAB-STICC
%~ IFIP-TC
%~ IFIP-TC11
%~ IFIP-SEC
%~ LAB-STICC_TB
%~ IFIP-WCC
%~ IMTA_LUSSI
%~ LAB-STICC_IMTA
%~ IMT-ATLANTIQUE
%~ INSTITUTS-TELECOM