@inproceedings{6d414fe60c404b77a27a0e6a68f5c778,
title = "Considering technical and financial impact in the selection of security countermeasures against Advanced Persistent Threats (APTs)",
abstract = "This paper presents a model to evaluate and select security countermeasures from a pool of candidates. The model performs industrial evaluation and simulations of the financial and technical impact associated to security countermeasures. The financial impact approach uses the Return On Response Investment (RORI) index to compare the expected impact of the attack when no response is enacted against the impact after applying security countermeasures. The technical impact approach evaluates the protection level against a threat, in terms of confidentiality, integrity, and availability. We provide a use case on malware attacks that shows the applicability of our model in selecting the best countermeasure against an Advanced Persistent Threat.",
keywords = "Investment, Malware, Mathematical model, Measurement, Organizations, Risk management",
author = "Granadillo, \{Gustavo Gonzalez\} and Joaquin Garcia-Alfaro and Herve Debar and Christophe Ponchel and Martin, \{Laura Rodriguez\}",
note = "Publisher Copyright: {\textcopyright} 2015 IEEE.; 7th International Conference on New Technologies, Mobility and Security, NTMS 2015 ; Conference date: 27-07-2015 Through 29-07-2015",
year = "2015",
month = sep,
day = "14",
doi = "10.1109/NTMS.2015.7266480",
language = "English",
series = "2015 7th International Conference on New Technologies, Mobility and Security - Proceedings of NTMS 2015 Conference and Workshops",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
editor = "Mohamad Badra and Azzedine Boukerche and Pascal Urien and Azzedine Boukerche",
booktitle = "2015 7th International Conference on New Technologies, Mobility and Security - Proceedings of NTMS 2015 Conference and Workshops",
}