Optimal security hardening on attack tree models of networks: a cost-benefit analysis

  • Authors:
  • Rinku Dewri;Indrajit Ray;Nayot Poolsappasit;Darrell Whitley

  • Affiliations:
  • University of Denver, Department of Computer Science, 80208, Denver, CO, USA;Colorado State University, Department of Computer Science, 80523, Fort Collins, CO, USA;Missouri University of Science and Technology, Department of Computer Science, 65409, Rolla, MO, USA;Colorado State University, Department of Computer Science, 80523, Fort Collins, CO, USA

  • Venue:
  • International Journal of Information Security
  • Year:
  • 2012

Abstract

Researchers have previously looked into the problem of determining whether a given set of security hardening measures can effectively make a networked system secure. However, system administrators are often faced with a more challenging problem since they have to work within a fixed budget which may be less than the minimum cost of system hardening. An attacker, on the other hand, explores alternative attack scenarios to inflict the maximum damage possible when the security controls are in place, very often rendering the optimality of the controls invalid. In this work, we develop a systematic approach to perform a cost-benefit analysis on the problem of optimal security hardening under such conditions. Using evolutionary paradigms such as multi-objective optimization and competitive co-evolution, we model the attacker-defender interaction as an “arms race”, and explore how security controls can be placed in a network to induce a maximum return on investment.