Bayesian Stackelberg games for cyber-security decision support

Zhang, Y; Malacaria, P

dc.contributor.author	Zhang, Y
dc.contributor.author	Malacaria, P
dc.date.accessioned	2021-10-21T09:14:19Z
dc.date.available	2021-10-21T09:14:19Z
dc.date.issued	2021-09
dc.identifier.issn	0167-9236
dc.identifier.other	ARTN 113599
dc.identifier.uri	https://qmro.qmul.ac.uk/xmlui/handle/123456789/74640
dc.description.abstract	A decision support system for cyber-security is here presented. The system aims to select an optimal portfolio of security controls to counteract multi-stage attacks. The system has several components: a preventive optimisation to select controls for an initial defensive portfolio, a learning mechanism to estimate possible ongoing attacks, and an online optimisation selecting an optimal portfolio to counteract ongoing attacks. The system relies on efficient solutions of bi-level optimisations, in particular, the online optimisation is shown to be a Bayesian Stackelberg game solution. The proposed solution is shown to be more efficient than both classical solutions like Harsanyi transformation and more recent efficient solvers. Moreover, the proposed solution provides significant security improvements on mitigating ongoing attacks compared to previous approaches. The novel techniques here introduced rely on recent advances in Mixed-Integer Conic Programming (MICP), strong duality and totally unimodular matrices.	en_US
dc.publisher	Elsevier	en_US
dc.relation.ispartof	DECISION SUPPORT SYSTEMS
dc.rights	This item is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.
dc.rights	Attribution 3.0 United States	*
dc.rights.uri	http://creativecommons.org/licenses/by/3.0/us/	*
dc.subject	Attack graphs	en_US
dc.subject	Bayesian Stackelberg games	en_US
dc.subject	Cyber-security	en_US
dc.subject	Security games	en_US
dc.subject	Security investment	en_US
dc.title	Bayesian Stackelberg games for cyber-security decision support	en_US
dc.type	Article	en_US
dc.rights.holder	© 2021, The Author(s)
dc.identifier.doi	10.1016/j.dss.2021.113599
pubs.author-url	http://gateway.webofknowledge.com/gateway/Gateway.cgi?GWVersion=2&SrcApp=PARTNER_APP&SrcAuth=LinksAMR&KeyUT=WOS:000670424000009&DestLinkType=FullRecord&DestApp=ALL_WOS&UsrCustomerID=612ae0d773dcbdba3046f6df545e9f6a	en_US
pubs.notes	Not known	en_US
pubs.publication-status	Published	en_US
pubs.volume	148	en_US
rioxxterms.funder	Default funder	en_US
rioxxterms.identifier.project	Default project	en_US
qmul.funder	Customized and Adaptive approach for Optimal Cybersecurity Investment::Engineering and Physical Sciences Research Council	en_US

Files in this item

Files	Size	Format	View
There are no files associated with this item.

This item appears in the following Collection(s)

Electronic Engineering and Computer Science [3424]

Show simple item record

This item is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.

Except where otherwise noted, this item's license is described as This item is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.