dc.contributor.author | Zhang, Y | |
dc.contributor.author | Malacaria, P | |
dc.date.accessioned | 2021-10-21T09:16:13Z | |
dc.date.available | 2021-10-21T09:16:13Z | |
dc.date.issued | 2021-02-01 | |
dc.identifier.issn | 1545-5971 | |
dc.identifier.uri | https://qmro.qmul.ac.uk/xmlui/handle/123456789/74641 | |
dc.description.abstract | IEEE A mathematical framework to reason about time resilience in cybersecurity is introduced. We first consider an attacker who can mount several multi-stage attacks on the organization: the defender's objective is to select an optimal portfolio of security controls, within a given budget, to withstand the highest number of attacks. The mathematical model is a Markov chain with an initial state called the safe state, intermediate states for all possible attacks (each attack state denoting a probabilistic attack graph), and a sink state denoting a successful attack. The overall defence problem is formulated as a bi-level multi-objective optimization, i.e. the defender selects an optimal portfolio of security controls to mitigate an optimal attacker. To determine the probability of success of an attack two cases will be considered: (a)the expected probability of success; (b)the highest probability of success. We refer to these two cases as expected-time analysis and worst-case time analysis. To solve precisely these bi-level optimizations strong duality and Mixed Integer Linear Programming are used. We then extend the framework to investigate resilience in terms of the total duration of the attacks; variations of the previous optimizations are presented to this purpose. Numerical evaluations are provided to compare the results obtained from the expected-time analysis and the worst-case time analysis. | en_US |
dc.publisher | IEEE | en_US |
dc.relation.ispartof | IEEE Transactions on Dependable and Secure Computing | |
dc.title | Optimization-Time Analysis for Cybersecurity | en_US |
dc.type | Article | en_US |
dc.rights.holder | © 2020 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. | |
dc.identifier.doi | 10.1109/TDSC.2021.3055981 | |
pubs.notes | Not known | en_US |
pubs.publication-status | Published | en_US |
rioxxterms.funder | Default funder | en_US |
rioxxterms.identifier.project | Default project | en_US |
qmul.funder | Customized and Adaptive approach for Optimal Cybersecurity Investment::Engineering and Physical Sciences Research Council | en_US |