- http://www.springer.com/us/book/9783319752679
Final published version

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Other chapter contribution

Published

NullPointerException
### Abstract

When looking at security incidents in Industrial Control System (ICS) networks, it appears that the interplay between an attacker and a defender can be modeled using a game-theoretic approach. Preparing a game require several steps, including the definition of attack and defense strategies, estimation of payoffs, etc. Specifically, during the preparation of a game, the estimation of payoffs (i.e. damage) for each possible scenario is one of its core tasks. However, damage estimation is not always a trivial task since it cannot be easily predicted, primarily due to incomplete information about the attack or due to external influences (e.g. weather conditions, etc.). Therefore, it is evident that describing the payoffs by means of a probability distribution may be an appropriate approach to deal with this uncertainty. In this chapter, we show that if the network structure of an organization is known, it is possible to estimate the payoff distribution by means of a stochastic spreading model. To this extend, the underlying network is modeled as a graph whose edges are classified depending on their properties. Each of these classes has a different probability of failure (e.g. probability of transmitting a malware). Finally, we demonstrate how these probabilities can be estimated, even if only subjective information is available.