Accession Number:

ADA550373

Title:

Determining Asset Criticality for Cyber Defense

Descriptive Note:

Memo rept. Sep-May 2011

Corporate Author:

NAVAL RESEARCH LAB WASHINGTON DC

Personal Author(s):

Report Date:

2011-09-23

Pagination or Media Count:

37.0

Abstract:

Current cyber network defense practices lack a standard methodology to properly determine event priority. Events are generally handled on a first-come first-serve basis. Some limited knowledge of target assets is applied, but in a non-standard manner based on the decision-makers domain-specific knowledge. This not only requires proficient domain expertise, but is also very manpower intensive. We need an asset criticality metric that enables users to address events that target critical assets first. Determining asset criticality is not a trivial problem. The various contributing factors must be identified and combined. Hierarchical missions and commands that they support must be considered. Dependency relationships should also be factored in. In this paper, we report our ongoing research for determining asset criticality.

Subject Categories:

  • Computer Systems
  • Unconventional Warfare

Distribution Statement:

APPROVED FOR PUBLIC RELEASE