Thesis Type |
Student | Hatice Taylan
Status | Finished
Proposal on | 12/07/2024 11:45 am
Proposal room | Seminar room I5 6202
Supervisor(s) | Stefan Decker
Advisor(s) | Mehdi Akbari G. osen
Contact | mehdi.akbari.gurabi@fit.fraunhofer.de, oemer.sen@fit.fraunhofer.de
This project aims to improve incident response in Industrial Control Systems (ICS) by developing an automated and context-aware method for selecting the most suitable incident response playbook. The approach focuses on using semantic knowledge representation, specifically ontologies, to organize and structure the cybersecurity information needed for decision-making. It also incorporates Multi-Criteria Decision Making (MCDM) techniques to systematically evaluate and compare candidate playbooks based on relevant criteria. The ultimate goal is to create a transparent, structured, and efficient process for playbook selection that takes into account the specific context of each attack, with plans to further enhance the method by integrating evaluation criteria such as cost, response time, and operational impact.
Seed papers:
https://www.sciencedirect.com/science/article/pii/S0167404823003644
https://www.mdpi.com/2076-3417/12/10/4880
Awesome playbook ontology: https://github.com/luduslibrum/awesome-playbooks/tree/main/analysis/coding
Basic knowledge in the domains of cyber security and power grid systems.