Simulation-based optimization (SO) has been applied in many different application areas with the objective of searching for the settings of controllable decision variables that yield the minimum (maximum) expected performance of a stochastic system. Here we propose an SO method to deal with computer/network security related to systems for conditional access. The basic idea consists in designing and developing a simulation-based optimization tool to evaluate cyber attack tolerance along with the related performance degradation. In particular, we optimize training-based recovery actions aimed at restoring the target quality of service level for the services under attack while enhancing the knowledge of the human resources (i.e. analysts) engaged in defending cyber security assets. An illustrative example is presented to show how system performance varies according to whether the analysts in a cyber defense team (i.e. the controllable decision variables) are called to work alone or in consultation with other analysts.
Managing cyber security resources via simulation-based optimization
LEGATO Pasquale;MAZZA Rina Mary
2014-01-01
Abstract
Simulation-based optimization (SO) has been applied in many different application areas with the objective of searching for the settings of controllable decision variables that yield the minimum (maximum) expected performance of a stochastic system. Here we propose an SO method to deal with computer/network security related to systems for conditional access. The basic idea consists in designing and developing a simulation-based optimization tool to evaluate cyber attack tolerance along with the related performance degradation. In particular, we optimize training-based recovery actions aimed at restoring the target quality of service level for the services under attack while enhancing the knowledge of the human resources (i.e. analysts) engaged in defending cyber security assets. An illustrative example is presented to show how system performance varies according to whether the analysts in a cyber defense team (i.e. the controllable decision variables) are called to work alone or in consultation with other analysts.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.