Skip to main content

A Pragmatic System-failure Assessment and Response Model

Happa, Jassim, Fairclough, Graham, Nurse, Jason R. C., Agrafiotis, Ioannis, Goldsmith, Michael, Creese, Sadie (2016) A Pragmatic System-failure Assessment and Response Model. In: 2nd International Conference on Information Systems Security and Privacy. . (KAR id:67494)

PDF Author's Accepted Manuscript
Language: English
Download (390kB) Preview
[thumbnail of ICISSP2016-hfnagc.pdf]
Preview
This file may not be suitable for users of assistive technology.
Request an accessible format

Abstract

Several attack models exist today that attempt to describe cyber-attacks to varying degrees of granularity. Fast and effective decision-making during cyber-attacks is often vital, especially during incidents in which reputation, finance and physical damage can have a crippling effect on people and organisations. Such attacks can render an organisation paralysed, and it may cease to function, we refer to such an incident as a “System Failure”. In this paper we propose a novel conceptual model to help analysts make pragmatic decisions during a System Failure. Our model distils the essence of attacks and provides an easy-to-remember framework intended to help analysts ask relevant questions at the right time, irrespective of what data is available to them. Using abstraction-based reasoning our model allows enterprises to achieve “some” situational awareness during a System Failure, but more importantly, enable them to act upon their understanding and to justify their decisions. Abstraction drives the reasoning process making the approach relevant today and in the future, unlike several existing models that become deprecated over time (as attacks evolve). In the future, it will be necessary to trial the model in exercises to assess its value.

Item Type: Conference or workshop item (Paper)
Uncontrolled keywords: Situational Awareness, Emerging Attack Methods, Triage, Future Threats, Cyber Resilience
Subjects: Q Science
T Technology
Divisions: Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
Depositing User: Jason Nurse
Date Deposited: 03 Jul 2018 14:06 UTC
Last Modified: 16 Feb 2021 13:55 UTC
Resource URI: https://kar.kent.ac.uk/id/eprint/67494 (The current URI for this page, for reference purposes)
Nurse, Jason R. C.: https://orcid.org/0000-0003-4118-1680
  • Depositors only (login required):

Downloads

Downloads per month over past year