  


RiskAverse BiLevel Stochastic Network Interdiction Model for CyberSecurity Risk Management
Tanveer Hossain Bhuiyan(tbhuiyanvols.utk.edu) Abstract: Security of cyber networks is crucial; recent severe cyberattacks have had a devastating effect on many large organizations. The attack graph, which maps the potential attack paths of a cyber network, is a popular tool for analyzing cyber system vulnerability. In this study, we propose a bilevel stochastic network interdiction model on an attack graph to enable a riskaverse, resource constrained cyber network defender to optimally deploy security countermeasures that protect against attackers with an uncertain budget. This risk averse conditionalvalueatrisk (CVaR) model minimizes a weighted sum of the expected maximum loss over all scenarios and the expected maximum loss from the most damaging attack scenarios. We develop a customized constraint and column generation algorithm to solve our model as well as several acceleration techniques to improve the computational efficiency. Numerical experiments demonstrate that the acceleration techniques enable the solution of relatively large problems within a reasonable amount of time: applying all the acceleration techniques also reduces the average computation time of the basic algorithm by 71% for 100node graphs. Using metrics called meanrisk value of stochastic solution and value of riskaversion, computational results suggest that our stochastic riskaverse model significantly outperforms deterministic and riskneutral models when 1) the distribution of attacker budget is heavyrighttailed and 2) the defender is highly riskaverse. Keywords: Attack graph, Stackelberg game, mixedinteger programming, conditionalvalue atrisk, cybersecurity Category 1: Integer Programming ((Mixed) Integer Linear Programming ) Category 2: Stochastic Programming Category 3: Network Optimization Citation: Bhuiyan, T. H., Medal, H., Nandi, A., Halappanavar, M. (2019). RiskAverse BiLevel Stochastic Network Interdiction Model for CyberSecurity Risk Management. University of TennesseeKnoxville Download: [PDF] Entry Submitted: 05/30/2019 Modify/Update this entry  
Visitors  Authors  More about us  Links  
Subscribe, Unsubscribe Digest Archive Search, Browse the Repository

Submit Update Policies 
Coordinator's Board Classification Scheme Credits Give us feedback 
Optimization Journals, Sites, Societies  