EURO 2024 Copenhagen
Abstract Submission

EURO-Online login

2728. Group MCDM Methodology for Cyber Attack Mitigation and Response

Invited abstract in session MB-47: MCDA applications in Engineering and Management 2, stream Multiple Criteria Decision Analysis.

Monday, 10:30-12:00
Room: 50 (building: 324)

Authors (first author is the speaker)

1. Andrej Bregar
Informatika
2. Jose Luis Flores
IKERLAN
3. Anas Husseis
Cyber Security, Internet of Trust

Abstract

Due to the high complexity and relevance of cybersecurity, efficient management of cyber attacks and threats is becoming a strategic technology trend. It elevates the resilience of ecosystems through the use of reactive and proactive strategies, which rely on standardized incident response procedures and the implementation of suitable mitigation countermeasures to prevent cyber attacks. The selection of actions is a multi-criteria problem encompassing technical and organizational aspects that must deal with benefits, costs, and the cascading effects between dependent assets. A group decision-making setting is required to incorporate the opinions of different experts on the information, business, and organizational levels. We hence introduce a comprehensive group decision-making process that helps security operations centres assess and choose cybersecurity actions. It applies the Delphi technique to unify the judgments of decision-makers and is aligned with the MCDM model that equivalently uses the quantitative or qualitative value function based on the standard scoring system. The veto function is also aggregated to prevent the selection of actions with an insufficient improvement in efficiency. The model considers criteria from the common CIA, ISO/IEC, and NESCOR standards. The framework utilizes the mappings between compromised assets, vulnerabilities, attack techniques, and responses. It further enhances analytics through external data sources and sensitivity analysis.

Keywords

Status: accepted

Back to the list of papers