|
|||||
|
|
Optimal security hardening on attack tree models of networks: a cost-benefit analysis |
|
| Authors: | Rinku Dewri Indrajit Ray Nayot Poolsappasit Darrell Whitley |
| Affiliation: | 1. Department of Computer Science, University of Denver, Denver, CO, 80208, USA 2. Department of Computer Science, Colorado State University, Fort Collins, CO, 80523, USA 3. Department of Computer Science, Missouri University of Science and Technology, Rolla, MO, 65409, USA |
| Abstract: | Researchers have previously looked into the problem of determining whether a given set of security hardening measures can effectively make a networked system secure. However, system administrators are often faced with a more challenging problem since they have to work within a fixed budget which may be less than the minimum cost of system hardening. An attacker, on the other hand, explores alternative attack scenarios to inflict the maximum damage possible when the security controls are in place, very often rendering the optimality of the controls invalid. In this work, we develop a systematic approach to perform a cost-benefit analysis on the problem of optimal security hardening under such conditions. Using evolutionary paradigms such as multi-objective optimization and competitive co-evolution, we model the attacker-defender interaction as an “arms race”, and explore how security controls can be placed in a network to induce a maximum return on investment. |
| Keywords: | |
| 本文献已被 SpringerLink 等数据库收录! | |