IRIS

Current approaches to estimate the risk of compromise are based on either historical data or pure technical assessments, such as the number and severity of vulnerabilities in the target network. We propose a novel experimental approach for estimating the risk of compromise based on experimental data, as opposed to observational data, by leveraging on cyber ranges and capture the flag exercises. We identify the key design principles in terms of response and explanatory variables, specification of how they can be measured, and the overall block design from related experiments and approaches as well as assess their suitability and limitations.

An Experimental Approach for Estimating Cyber Risk: a Proposal Building upon Cyber Ranges and Capture the Flags / Di Tizio, Giorgio; Massacci, Fabio; Allodi, Luca; Dashevskyi, Stanislav; Mirkovic, Jelena. - ELETTRONICO. - (2020), pp. 56-65. (Intervento presentato al convegno 5th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2020 tenutosi a Virtual Event nel 7th September 2020) [10.1109/EuroSPW51379.2020.00016].

An Experimental Approach for Estimating Cyber Risk: a Proposal Building upon Cyber Ranges and Capture the Flags

Di Tizio, Giorgio;Massacci, Fabio;Allodi, Luca;Dashevskyi, Stanislav;
2020-01-01

Abstract

Current approaches to estimate the risk of compromise are based on either historical data or pure technical assessments, such as the number and severity of vulnerabilities in the target network. We propose a novel experimental approach for estimating the risk of compromise based on experimental data, as opposed to observational data, by leveraging on cyber ranges and capture the flag exercises. We identify the key design principles in terms of response and explanatory variables, specification of how they can be measured, and the overall block design from related experiments and approaches as well as assess their suitability and limitations.
2020
EUROS&PW 2020
Washington
IEEE Computer Society
978-1-7281-8597-2
2-s2.0-85097082419
WOS:000630275400007
Di Tizio, Giorgio; Massacci, Fabio; Allodi, Luca; Dashevskyi, Stanislav; Mirkovic, Jelena
An Experimental Approach for Estimating Cyber Risk: a Proposal Building upon Cyber Ranges and Capture the Flags / Di Tizio, Giorgio; Massacci, Fabio; Allodi, Luca; Dashevskyi, Stanislav; Mirkovic, Jelena. - ELETTRONICO. - (2020), pp. 56-65. (Intervento presentato al convegno 5th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2020 tenutosi a Virtual Event nel 7th September 2020) [10.1109/EuroSPW51379.2020.00016].
File in questo prodotto:
File Dimensione Formato  
An_Experimental_Approach_for_Estimating_Cyber_Risk_a_Proposal_Building_upon_Cyber_Ranges_and_Capture_the_Flags.pdf

Solo gestori archivio

Tipologia: Versione editoriale (Publisher’s layout)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 157.41 kB
Formato Adobe PDF
  Visualizza/Apri
157.41 kB Adobe PDF   Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/278390
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 6
  • ???jsp.display-item.citation.isi??? 2
  • OpenAlex ND
social impact