Minimizing expected maximum risk from cyber-Attacks with probabilistic attack success

Tanveer Hossain Bhuiyan, Apurba K. Nandi, Hugh Medal, Mahantesh Halappanavar

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution, peer-review

17 Scopus citations

Abstract

Organizations are being hit by small and large multi-stage cyber-attacks every day. One tool for integrating and analyzing many potential multi-stage attacks is the attack graph. Nodes of an attack graph represent attack states, and the arcs represent atomic attacks. The attack graph as a whole represents all the potential attack paths to compromise target nodes beginning from a set of initially vulnerable nodes. Given a limited budget, finding an optimal subset of arcs in the attack graph is an important problem in seeking to optimally deploy security countermeasures to minimize risks associated with potential cyber-attacks. In this research, we develop a stochastic network interdiction model based on a probabilistic attack graph with uncertain attack success probabilities on arcs and formulate it as a two-stage stochastic mixed-integer linear program. We employ the sample average approximation scheme in conjunction with the Benders decomposition approach to solve the resulting problem. Our model provides an optimal recommendation for countermeasure deployment in a stochastic environment. Results demonstrate the value of stochastic solutions and the variation of risk with the accuracy of estimates of attack success probabilities.

Original language: English
Title of host publication: 2016 IEEE Symposium on Technologies for Homeland Security, HST 2016
Publisher: Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic): 9781509007707
State: Published - Sep 14 2016
Externally published: Yes
Event: 2016 IEEE Symposium on Technologies for Homeland Security, HST 2016 - Waltham, United States
Duration: May 10 2016 to May 11 2016

Publication series

Name: 2016 IEEE Symposium on Technologies for Homeland Security, HST 2016

Conference

Conference: 2016 IEEE Symposium on Technologies for Homeland Security, HST 2016
Country/Territory: United States
City: Waltham
Period: 05/10/16 to 05/11/16

Keywords

  • attack graph
  • mixed-integer programming
  • two-stage stochastic programming
