Cyberattacks targeting ICT systems are becoming every day more sophisticated and disruptive. Such malevolent actions are performed by ill-motivated entities (governments, states, administrations, etc.), often featuring almost unlimited resources, but also by skilled individuals due to the accessibility of the attacks source code. In this alarming scenario, the selection of the optimal set of countermeasures to fire against those attacks represents a primary necessity. While significant effort has been made toward the standardization of the representation of security-related knowledge such as vulnerabilities, weaknesses, and attacks, the intelligence surrounding the countermeasures field received considerably less attention. The paper at hand aims at contributing to the reaction ecosystem by proposing a standard representation of the countermeasure instances. With such a proposition, we address one of the critical challenges found in the literature, that is, the absence of a commonly-shared definition of remediations. To demonstrate the feasibility of our approach, we present several scenarios where some relevant countermeasures are efficiently enforced, resulting in mitigating the ongoing cyberthreat. Then, the advantages and disadvantages of our proposal are extensively discussed, opening the debate for novel and effective contributions in this research line.

This work would not have been possible without the inestimable contribution of:

• Pantaleone Nespoli
• Jorge Maestre Vidal

Pantaleone Nespoli, Félix Gómez Mármol, Jorge Maestre Vidal, «Battling against cyberattacks: Towards pre-standardization of countermeasures», Cluster Computing, vol. 24, no. 1, pp. 57-81, 2021

• Journal: Cluster Computing
• Category: Computer Science, Theory & Methods
• Rank: 50/109
• Quartile: Q2
• Impact Factor: 2.303