UP Paper 335 US-W-CDOWN
Using Attack and Protection Trees to Analyze Threats and Defenses to Homeland Security
Edge, Kenneth, Air Force Institute of Technology
Raines, Richard, Air Force Institute of Technology
Mills, Robert, Air Force Institute of Technology
Dalton, George, Air Force Institute of Technology
Attacks against computer networks are a serious threat and occur quite often. Attack trees are an existing method for modeling how these attacks may occur. We have extended this concept to a new tree structure called a protection tree, a tool that helps decision makers allocate limited resources to the appropriate defenses against a specified attack. Protection trees ensure these limited resources are used in a manner that achieves the highest probability of success in stopping an attack. Protection trees are produced systematically by first developing an attack tree, computing metrics for each node of the attack tree, and then developing a corresponding protection tree with similar metrics. Eventually, libraries of attacks and available protections can be used to automate the process of developing the trees. An example attack and protection tree is used to notionally show how an organization such as the Department of Homeland Security can allocate resources to protect its computer networks from being compromised. Decision makers in the organization can use the resultant protection tree to determine where to allocate limited resources for the best protection of their network.

Kenneth Edge received the B.S. and M.S. degrees in Electrical Engineering from The United States Air Force Academy, Colorado Springs, CO in 1993 and Wright State University, Dayton, OH in 1998, respectively. He is currently pursuing his PhD in Electrical Engineering at The Air Force Institute of Technology, Wright-Patterson AFB, OH. His research interests include software and network security, advanced algorithms, auto-immune systems, and VLSI design.