Simulation-based optimization (SO) has been applied in many different application areas with the objective of searching for the settings of controllable decision variables that yield the minimum (maximum) expected performance of a stochastic system. Here we propose an SO method to deal with computer/network security related to systems for conditional access. The basic idea consists in designing and developing a simulation-based optimization tool to evaluate cyber attack tolerance along with the related performance degradation. In particular, we optimize training-based recovery actions aimed at restoring the target quality of service level for the services under attack while enhancing the knowledge of the human resources (i.e. analysts) engaged in defending cyber security assets. An illustrative example is presented to show how system performance varies according to whether the analysts in a cyber defense team (i.e. the controllable decision variables) are called to work alone or in consultation with other analysts.

Managing cyber security resources via simulation-based optimization

LEGATO Pasquale;MAZZA Rina Mary
2014

Abstract

Simulation-based optimization (SO) has been applied in many different application areas with the objective of searching for the settings of controllable decision variables that yield the minimum (maximum) expected performance of a stochastic system. Here we propose an SO method to deal with computer/network security related to systems for conditional access. The basic idea consists in designing and developing a simulation-based optimization tool to evaluate cyber attack tolerance along with the related performance degradation. In particular, we optimize training-based recovery actions aimed at restoring the target quality of service level for the services under attack while enhancing the knowledge of the human resources (i.e. analysts) engaged in defending cyber security assets. An illustrative example is presented to show how system performance varies according to whether the analysts in a cyber defense team (i.e. the controllable decision variables) are called to work alone or in consultation with other analysts.
978-88-97999-40-9
simulation optimization; cyber security; team formation and collaboration
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/20.500.11770/180975
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 2
  • ???jsp.display-item.citation.isi??? ND
social impact