
2016 | Original Paper | Book chapter

Efficient Numerical Frameworks for Multi-objective Cyber Security Planning

By: MHR. Khouzani, P. Malacaria, C. Hankin, A. Fielder, F. Smeraldi

Published in: Computer Security – ESORICS 2016

Publisher: Springer International Publishing


Abstract

We consider the problem of optimal investment in cyber-security by an enterprise. Optimality is measured with respect to the overall (1) monetary cost of implementation, (2) negative side-effects of cyber-security controls (indirect costs), and (3) mitigation of the cyber-security risk. We consider “passive” and “reactive” threats: the former represents the case where attack attempts are independent of the defender’s plan, the latter the case where attackers can adapt and react to an implemented cyber-security defense. Moreover, we model the combined effect of multiple cyber-security controls in three different ways, depending on their degree of complementarity and correlation. We also consider multi-stage attacks and the potential correlations in the success of different stages. First, we formalize the problem as a non-linear multi-objective integer program. We then convert these formulations into Mixed Integer Linear Programs (MILPs) that very efficiently solve for the exact Pareto-optimal solutions even when the number of available controls is large. In our case study, we consider 27 of the most typical security controls, each with multiple intensity levels of implementation, and 37 common vulnerabilities facing a typical SME. We compare our findings against expert-recommended critical controls. We then investigate the effect of the security models on the resulting optimal plan and contrast the merits of different security metrics. In particular, we show the superior robustness of the security measures based on the “reactive” threat model, and the significance of the hitherto overlooked role of correlations.

Footnotes
1
The loss \(\varLambda_{v}\) is enterprise-dependent, reflecting how each enterprise evaluates different sources of disruption: an energy company may be primarily concerned with the availability of its service, while a banking firm would assign a large weight to the integrity of its data.
 
2
The assumptions that attacks are costless and that the reward is linearly proportional to the security damage to the enterprise are important for this observation, as is the assumption that attacks do not affect the indirect costs, for instance because a failed exploitation attempt causes no damage.
 
3
The normalization is for numerical efficiency: it makes the ranges of the objective functions comparable, which increases the chance that a uniform sweep of the weights, even with a small number of steps, finds all the Pareto solutions.
 
4
Note, however, that finding all Pareto solutions is not guaranteed in this method.
 
5
An alternative scalarization approach is the “epsilon-constraint” method. All of our MILP conversions can be modified for that method in a straightforward manner.
 
6
Hence, “mixed” integer linear program, as opposed to pure integer linear program.
 
7
Due to space limit, some of our evaluations were relegated to our technical report [9].
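The scalarization discussed in footnotes 3 to 5 (normalized weighted sums swept over a weight grid, which can miss Pareto solutions, versus the epsilon-constraint method) is shown below on a toy instance. This is an added worked example, not code or data from the paper: the four controls, two vulnerabilities, loss values and efficacies are constructed, the independent (multiplicative) combination rule for controls is an assumption, and each scalarized problem is solved by exhaustively enumerating the 2^4 plans in place of the paper's MILP solve. The function and variable names are the example's own.

```python
"""Added example: weighted-sum vs. epsilon-constraint scalarization of a
small three-objective control-selection problem.

Assumptions (toy data, not the paper's case study): four binary controls,
two vulnerabilities, and an independent ("multiplicative") combination rule:
the success probability of an attack on vulnerability v under plan x is
p_v * prod_i (1 - e_iv * x_i), so the risk objective is the expected loss
sum_v Lambda_v * p_v * prod_i (1 - e_iv * x_i). Each scalarized problem is
solved exactly by enumerating all 2^4 plans, standing in for the MILP solve.
"""
from itertools import product

# Constructed data: name -> (direct cost, indirect cost, efficacy per vulnerability)
CONTROLS = {
    "A": (4, 4, (0.8, 0.8)),
    "B": (2, 2, (0.5, 0.0)),
    "C": (1, 3, (0.6, 0.3)),
    "D": (3, 1, (0.2, 0.9)),
}
LOSS = (60.0, 40.0)        # Lambda_v: loss if vulnerability v is exploited
ATTACK_PROB = (1.0, 1.0)   # p_v: probability that v is attacked (passive threat)
NAMES = tuple(CONTROLS)
ALL_PLANS = list(product((0, 1), repeat=len(NAMES)))


def objectives(plan):
    """(direct cost, indirect cost, risk) of a 0/1 plan; all to be minimised."""
    chosen = [CONTROLS[n] for n, on in zip(NAMES, plan) if on]
    direct = sum(c[0] for c in chosen)
    indirect = sum(c[1] for c in chosen)
    risk = 0.0
    for v, (loss, p) in enumerate(zip(LOSS, ATTACK_PROB)):
        success = p
        for c in chosen:
            success *= 1.0 - c[2][v]
        risk += loss * success
    # round so that plans with equal objectives compare equal despite float noise
    return (direct, indirect, round(risk, 6))


def dominates(a, b):
    """a weakly improves every objective of b and strictly improves one."""
    return all(x <= y for x, y in zip(a, b)) and a != b


def exact_pareto_front():
    """Ground truth: non-dominated objective vectors by exhaustive enumeration."""
    vectors = {objectives(p) for p in ALL_PLANS}
    return {v for v in vectors if not any(dominates(u, v) for u in vectors)}


def normalizer():
    """Scale each objective to [0, 1] over its feasible range (footnote 3)."""
    vecs = [objectives(p) for p in ALL_PLANS]
    lo = [min(v[j] for v in vecs) for j in range(3)]
    span = [max(v[j] for v in vecs) - lo[j] or 1.0 for j in range(3)]
    return lambda v: tuple((v[j] - lo[j]) / span[j] for j in range(3))


def weighted_sum_front(steps=20):
    """Sweep strictly positive weights on the simplex and collect the
    minimiser of each weighted sum (footnote 4: this may miss Pareto points)."""
    norm = normalizer()
    found = set()
    for i in range(1, steps):
        for j in range(1, steps - i):
            w = (i / steps, j / steps, (steps - i - j) / steps)
            best = min(ALL_PLANS,
                       key=lambda p: sum(wk * fk for wk, fk in zip(w, norm(objectives(p)))))
            found.add(objectives(best))
    return found


def epsilon_constraint_front():
    """Minimise direct cost subject to indirect cost <= eps2 and risk <= eps3
    for every (eps2, eps3) that some plan attains (footnote 5). Ties are broken
    lexicographically, which guarantees each returned vector is Pareto-optimal."""
    vectors = {objectives(p) for p in ALL_PLANS}
    found = set()
    for _, eps2, eps3 in vectors:
        feasible = [v for v in vectors if v[1] <= eps2 and v[2] <= eps3]
        found.add(min(feasible))  # tuple min = lexicographic minimum
    return found


if __name__ == "__main__":
    exact = exact_pareto_front()
    print("exact front:", len(exact), "points")
    print("weighted sum misses:", sorted(exact - weighted_sum_front()))
    print("epsilon-constraint misses:", sorted(exact - epsilon_constraint_front()))
```

Plan {B} has objective vector (2, 2, 70) and is Pareto-optimal (no other plan is as cheap on both cost axes), yet it is never selected by a positive weight vector: the midpoint of the empty plan (0, 0, 100) and plan {A} (4, 4, 20) is (2, 2, 60), which dominates it, so every weighted sum prefers one of those two plans. That is the failure footnote 4 warns about, and the epsilon-constraint sweep recovers the point, as footnote 5 indicates. For a realistic instance with 27 multi-level controls, the enumeration inside each scalarized solve is what the paper's MILP formulation replaces.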
 
References
1.
Anderson, R., Moore, T.: The economics of information security. Science 314(5799), 610–613 (2006)
2.
Butler, S.A.: Security attribute evaluation method: a cost-benefit approach. In: Proceedings of the 24th International Conference on Software Engineering. ACM (2002)
3.
Cavusoglu, H., Raghunathan, S., Yue, W.T.: Decision-theoretic and game-theoretic approaches to IT security investment. J. Manag. Inf. Syst. 25(2), 281–304 (2008)
6.
Chinchuluun, A., Pardalos, P.M.: A survey of recent developments in multiobjective optimization. Ann. Oper. Res. 154(1), 29–50 (2007)
7.
Dewri, R., Poolsappasit, N., Ray, I., Whitley, D.: Optimal security hardening using multi-objective optimization on attack tree models of networks. In: Proceedings of the 14th ACM Conference on Computer and Communications Security. ACM (2007)
8.
Gupta, M., Rees, J., Chaturvedi, A., Chi, J.: Matching information security vulnerabilities to organizational security profiles: a genetic algorithm approach. Decis. Support Syst. 41(3), 592–603 (2006)
10.
Marler, R.T., Arora, J.S.: Survey of multi-objective optimization methods for engineering. Struct. Multi. Optim. 26(6), 369–395 (2004)
11.
Nagurney, A., Nagurney, L.S., Shukla, S.: A supply chain game theory framework for cybersecurity investments under network vulnerability. In: Daras, N.J., Rassias, M.T. (eds.) Computation, Cryptography, and Network Security, pp. 381–398. Springer, Switzerland (2015)
12.
Ojamaa, A., Tyugu, E., Kivimaa, J.: Pareto-optimal situaton analysis for selection of security measures. In: Military Communications Conference. IEEE (2008)
13.
Panaousis, E., Fielder, A., Malacaria, P., Hankin, C., Smeraldi, F.: Cybersecurity games and investments: a decision support approach. In: Poovendran, R., Saad, W. (eds.) GameSec 2014. LNCS, vol. 8840, pp. 266–286. Springer, Heidelberg (2014)
15.
Poolsappasit, N., Dewri, R., Ray, I.: Dynamic security risk management using Bayesian attack graphs. IEEE Trans. Dependable Secure Comput. 9(1), 61–74 (2012)
16.
Rees, L.P., Deane, J.K., Rakes, T.R., Baker, W.H.: Decision support for cybersecurity risk planning. Decis. Support Syst. 51(3), 493–505 (2011)
18.
Sarala, R., Zayaraz, G., Vijayalakshmi, V.: Optimal selection of security countermeasures for effective information security. In: Padma Suresh, L., Panigrahi, B.K. (eds.) ICSCS 2015. AISC, vol. 398, pp. 345–353. Springer, Heidelberg (2015)
19.
Sawik, T.: Selection of optimal countermeasure portfolio in IT security planning. Decis. Support Syst. 55(1), 156–164 (2013)
20.
Schechter, S.E.: Computer security strength & risk: a quantitative approach. Ph.D. thesis, Harvard University, Cambridge, Massachusetts (2004)
21.
Syalim, A., Hori, Y., Sakurai, K.: Comparison of risk analysis methods: Mehari, Magerit, NIST800-30 and Microsoft’s Security Management Guide. In: International Conference on Availability, Reliability and Security. IEEE (2009)
23.
Ulungu, E.L., Teghem, J.: Multi-objective combinatorial optimization problems: a survey. J. Multi Criteria Decis. Anal. 3(2), 83–104 (1994)
24.
Viduto, V., Maple, C., Huang, W., López-Peréz, D.: A novel risk assessment and optimisation model for a multi-objective network security countermeasure selection problem. Decis. Support Syst. 53(3), 599–610 (2012)
Metadata
Title
Efficient Numerical Frameworks for Multi-objective Cyber Security Planning
By
MHR. Khouzani
P. Malacaria
C. Hankin
A. Fielder
F. Smeraldi
Copyright year
2016
DOI
https://doi.org/10.1007/978-3-319-45741-3_10
