Security assessment of organization's information systems is becoming increasingly complex due to their growing sizes and underlying architectures, e.g., cloud. Analyzing potential attacks is a pragmatic approach that provides insightful information to achieve this purpose. In this work, we propose to synthesize defense configurations to counter sophisticated attack strategies minimizing resource usage while ensuring a high probability of success. For this, we combine Statistical Model Checking techniques with Genetic Algorithms. Experiments performed on real-life case studies show substantial improvements compared to existing techniques.
展开▼
