Mitigating multi-threats optimally in proactive threat management

Abstract

In turbulent economic times, the cost effectiveness of security measures is of the utmost importance when designing safeguards or countermeasures. This paper presents an optimal approach: MMT-O, Mitigating Multi-Threats Optimally, to meet the above challenges. The proposed approach is based on an optimum mitigation path set generation algorithm that provides optimal plans for threat/vulnerability management which can be adopted at the design level of the software life cycle. In MMT-O, a multi-threat attack graph is generated by combining all of the individual threats responsible for security compromise of the system. It identifies a unique set of attacks needing mitigation by removing redundant nodes, as an attack can be a part of multiple threats. The proposed algorithm, implemented in Java, provides the minimum mitigation paths required to be blocked to avert the threat. Countermeasures using a multi-agent system are inducted in these identified mitigation paths to avert the threat optimally. The proposed approach has been applied on different test cases and the results validate its economic justification over traditional security solutions as a part of proactive threat management.