Bayesian Stackelberg games for cyber-security decision support
dc.contributor.author | Zhang, Y | |
dc.contributor.author | Malacaria, P | |
dc.date.accessioned | 2021-10-21T09:14:19Z | |
dc.date.available | 2021-10-21T09:14:19Z | |
dc.date.issued | 2021-09 | |
dc.identifier.issn | 0167-9236 | |
dc.identifier.other | ARTN 113599 | |
dc.identifier.uri | https://qmro.qmul.ac.uk/xmlui/handle/123456789/74640 | |
dc.description.abstract | A decision support system for cyber-security is here presented. The system aims to select an optimal portfolio of security controls to counteract multi-stage attacks. The system has several components: a preventive optimisation to select controls for an initial defensive portfolio, a learning mechanism to estimate possible ongoing attacks, and an online optimisation selecting an optimal portfolio to counteract ongoing attacks. The system relies on efficient solutions of bi-level optimisations, in particular, the online optimisation is shown to be a Bayesian Stackelberg game solution. The proposed solution is shown to be more efficient than both classical solutions like Harsanyi transformation and more recent efficient solvers. Moreover, the proposed solution provides significant security improvements on mitigating ongoing attacks compared to previous approaches. The novel techniques here introduced rely on recent advances in Mixed-Integer Conic Programming (MICP), strong duality and totally unimodular matrices. | en_US |
dc.publisher | Elsevier | en_US |
dc.relation.ispartof | DECISION SUPPORT SYSTEMS | |
dc.rights | This item is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made. | |
dc.rights | Attribution 3.0 United States | * |
dc.rights.uri | http://creativecommons.org/licenses/by/3.0/us/ | * |
dc.subject | Attack graphs | en_US |
dc.subject | Bayesian Stackelberg games | en_US |
dc.subject | Cyber-security | en_US |
dc.subject | Security games | en_US |
dc.subject | Security investment | en_US |
dc.title | Bayesian Stackelberg games for cyber-security decision support | en_US |
dc.type | Article | en_US |
dc.rights.holder | © 2021, The Author(s) | |
dc.identifier.doi | 10.1016/j.dss.2021.113599 | |
pubs.author-url | http://gateway.webofknowledge.com/gateway/Gateway.cgi?GWVersion=2&SrcApp=PARTNER_APP&SrcAuth=LinksAMR&KeyUT=WOS:000670424000009&DestLinkType=FullRecord&DestApp=ALL_WOS&UsrCustomerID=612ae0d773dcbdba3046f6df545e9f6a | en_US |
pubs.notes | Not known | en_US |
pubs.publication-status | Published | en_US |
pubs.volume | 148 | en_US |
rioxxterms.funder | Default funder | en_US |
rioxxterms.identifier.project | Default project | en_US |
qmul.funder | Customized and Adaptive approach for Optimal Cybersecurity Investment::Engineering and Physical Sciences Research Council | en_US |
Files in this item
Files | Size | Format | View |
---|---|---|---|
There are no files associated with this item. |
This item appears in the following Collection(s)
Except where otherwise noted, this item's license is described as This item is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.