Projekte pro Jahr
Abstract
In this paper, the RISKEE method for evaluating risk in cyber security is described. RISKEE is based on attack graphs and the Diamond model combined with the FAIR method for assessing and calculating risk. It can be used to determine the risks of cyber-security attacks as a basis for decision-making. It works by forwarding estimations of attack frequencies and probabilities over an attack graph, calculating the risk at impact nodes with Monte-Carlo simulation, and propagating the resulting risk backward again. The method can be applied throughout all development phases and even be refined at runtime of a system. It involves system analysts, cyber security experts as well as domain experts for judgement of the attack frequencies, system vulnerabilities, and loss magnitudes.
| Originalsprache | englisch |
|---|---|
| Titel | Systems, Software and Services Process Improvement - 26th European Conference, EuroSPI 2019, Proceedings |
| Redakteure/-innen | Alastair Walker, Rory V. O’Connor, Richard Messnarz |
| Herausgeber (Verlag) | Springer Verlag |
| Seiten | 45-56 |
| Seitenumfang | 12 |
| ISBN (Print) | 9783030280048 |
| DOIs | |
| Publikationsstatus | Veröffentlicht - Sep 2019 |
| Veranstaltung | 26th European Conference on Systems, Software and Services Process Improvement, EuroSPI 2019 - Edinburgh, Großbritannien / Vereinigtes Königreich Dauer: 18 Sep 2019 → 20 Sep 2019 |
Publikationsreihe
| Name | Communications in Computer and Information Science |
|---|---|
| Band | 1060 |
| ISSN (Print) | 1865-0929 |
| ISSN (elektronisch) | 1865-0937 |
Konferenz
| Konferenz | 26th European Conference on Systems, Software and Services Process Improvement, EuroSPI 2019 |
|---|---|
| Land | Großbritannien / Vereinigtes Königreich |
| Ort | Edinburgh |
| Zeitraum | 18/09/19 → 20/09/19 |
ASJC Scopus subject areas
- !!Computer Science(all)
- !!Mathematics(all)
Fields of Expertise
- Information, Communication & Computing
Fingerprint Untersuchen Sie die Forschungsthemen von „RISKEE: A Risk-Tree Based Method for Assessing Risk in Cyber Security“. Zusammen bilden sie einen einzigartigen Fingerprint.
Projekte
-
AH-DHYAMONT - Steuerungsplattform für Stromerzeugung aus Wasserkraft
Macher, G., Krisper, M., Dobaj, J. & Krug, T.
1/01/19 → 1/02/21
Projekt: Foschungsprojekt
-
Industrial Informatics
Höller, A., Preschern, C., Kreiner, C. J., Raschke, W., Sporer, H., Iber, J., Kajtazovic, N., Krisper, M., Sinnhofer, A. D., Macher, G., Rauter, T., Quaritsch, M., Dobaj, J. & Krug, T.
1/09/12 → …
Projekt: Arbeitsgebiet
-
AH-HyUnify-Erweiterung - Steuerungsplattform für Stromerzeugung aus Wasserkraft
Macher, G., Krisper, M. & Dobaj, J.
1/10/18 → 31/03/19
Projekt: Foschungsprojekt
Verwandte Tätigkeiten
- 1 Vortrag bei Konferenz oder Fachtagung
-
26th European Conference on System, Software and Service Process Improvement & Innovation: EuroSPI 2019
Jürgen Dobaj (Redner/in), Michael Krisper (Redner/in), Georg Macher (Redner/in), Georg Macher (Keynote speaker)18 Sep 2019 → 20 Sep 2019Aktivität: Vortrag oder Präsentation › Vortrag bei Konferenz oder Fachtagung › Science to science