## Selection of optimal countermeasure portfolio in IT security planning


**Selection of optimal countermeasure portfolio in IT security planning**

Adviser: Frank, Yeong-Sung Lin

Presenter: Yi-Cin Lin

**Model**

- NSP_E
- Bi-objective
- While this formulation has more variables than our original non-linear formulation, it should still solve more quickly than its non-linear counterpart.

**Problem description**

- Notation
- Total of potential scenarios.

**Problem description**

- Denote by the probability of threat .
- Notation
- The probability of attack scenario in the presence of independent threat events is

**Problem description**

- Notation
- indicates that countermeasure totally prevents successful attacks of threat .
- denotes that countermeasure is totally incapable of mitigating threat .

**Problem description**

- Notation
- The subset of selected countermeasures must satisfy the available budget constraint

**Minimization of expected cost - NSP_E**

- This added level of specificity is necessary to maintain the linearity of the formulation.
- Also, it improves the model's flexibility by allowing for the possibility of a countermeasure being implemented at numerous levels.

**Minimization of expected cost - NSP_E**

- Countermeasure is selected at exactly one level, i.e.,
- Notation

**Minimization of expected cost - NSP_E**

- Model NSP_E: Minimize Expected Cost (1) Subject to COST

**Minimization of expected cost - SP_E**

- NSP_E
- Bi-objective
- NSP_E

**Minimization of expected cost - SP_E**

- The nonlinear objective function (1) can be replaced with a formula

**Minimization of expected cost - SP_E**

- In order to compute for each threat , a recursive procedure is proposed below.

**Minimization of expected cost - SP_E**

- For each threat and countermeasure can be calculated recursively as follows.
- The initial condition is
- The remaining terms

**Minimization of expected cost - SP_E**

- In order to eliminate nonlinear terms in the right-hand side of Eq. (10), define an auxiliary variable

**Minimization of expected cost - SP_E**

and, in particular, for

**Minimization of expected cost - SP_E**

- Comparison of Eqs. (12) and (15) produces the following relation

**Minimization of expected cost - SP_E**

- The above procedure eliminates all variables for each.
- Summarizing, the proportion of successful attacks = in For each threat can be calculated recursively, using Eqs. (17), (16) and (13) with replaced by.

**Minimization of expected cost - SP_E**

- Model SP_E: Minimize Expected Cost (5) subject to
  1. Countermeasure selection constraints Eqs. (2) and (3).

**Minimization of expected cost - SP_E**

Subject to

2. Surviving threats balance constraints (17) (16) (15)

**Minimize conditional value-at-risk**

- NSP_E
- Bi-objective
- NSP_E

**Minimize conditional value-at-risk**

- Notation
- Model SP_CV: Minimize

**Minimize conditional value-at-risk**

Subject to

1. Countermeasure selection constraints: Eqs. (2)–(3).
2. Surviving threats balance constraints: Eqs. (18)–(21).
3. Risk constraints:
4. Non-negativity and integrality conditions: Eqs. (22)–(24)

**Minimize conditional value-at-risk**

- Bi-objective

**Minimize conditional value-at-risk**

- Models SP_E and SP_CV can be enhanced for simultaneous optimization of the expenditures on countermeasures and the cost of losses from successful attacks.
- Removed constraints (3)

**Minimize conditional value-at-risk**

- Model SP_E+B: Minimize Required Budget and Expected Cost subject to Eqs. (2), (18)–(24) and (28)

**Minimize conditional value-at-risk**

- Model SP_CV+B: Minimize Required Budget and CVaR subject to Eqs. (2) and (18)–(28)

**Agenda**

- Introduction
- Problem description
- Model
  - Single-objective approach
  - Bi-objective approach
- Computational examples
- Conclusion

**Bi-objective approach**

- NSP_E
- Bi-objective
- NSP_E

**Bi-objective approach**

- In the single-objective approach, the countermeasure portfolio is selected by minimizing either the expected loss (plus the required budget) or the expected worst-case loss (plus the required budget).

**Bi-objective approach**

- Model WSP: Minimize Subject to Eqs. (2), (5) and (18)–(28)

**Bi-objective approach**

- Decision maker controls
  - the risk of high losses by choosing the confidence level α
  - the trade-off between expected and worst-case losses by choosing the trade-off parameter λ.

**Agenda**

- Introduction
- Problem description
- Model
  - Single-objective approach
  - Bi-objective approach
- Computational examples
- Conclusion

**Computational examples**

- The data set is similar to the one presented in [20], which was based on the threat set reported on the IT security forum EndpointSecurity.org

**Computational examples**

- =, the number of threats and the number of countermeasures, were equal to 10, and the corresponding number of potential attack scenarios, was equal to 1024.

**Computational examples**

- For the bi-objective approach, the subsets of nondominated solutions were computed by parameterization on λ ∈ {0.01, 0.10, 0.25, 0.50, 0.75, 0.90, 0.99} of the weighted-sum program WSP.
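
The quantities the slides describe (scenario probabilities under independent threats, the budget constraint, expected loss, CVaR at confidence level α and the λ-weighted objective) can be computed by brute-force enumeration on a small instance; this is an added example, not code from the presentation, and it does not use the mixed-integer formulations. The sample data, the multiplicative mitigation model and the objective form λ·E + (1−λ)·CVaR are assumptions, because the slide formulas did not survive extraction.

```python
from itertools import combinations, product
from math import prod

# Constructed sample data (assumed, not from the slides): 3 threats, 3 countermeasures.
P = [0.5, 0.2, 0.1]            # probability of each threat
LOSS = [100.0, 200.0, 400.0]   # loss if an attack of that threat succeeds
COST = [10.0, 20.0, 30.0]      # cost of each countermeasure
E = [[1.0, 0.0, 0.0],          # E[i][j]: 1 = j totally prevents threat i,
     [0.0, 0.5, 0.0],          #          0 = j cannot mitigate threat i
     [0.0, 0.5, 0.5]]

def scenarios(p):
    """All 2^m attack scenarios with their probabilities (independent threats)."""
    return [(occ, prod(p_i if hit else 1.0 - p_i for p_i, hit in zip(p, occ)))
            for occ in product((0, 1), repeat=len(p))]

def loss_distribution(portfolio):
    """(loss, probability) per scenario; the surviving share q_i is built up one
    selected countermeasure at a time (assumed multiplicative effect)."""
    q = [1.0] * len(P)
    for j in portfolio:
        q = [q_i * (1.0 - E[i][j]) for i, q_i in enumerate(q)]
    return [(sum(h * c * s for h, c, s in zip(occ, LOSS, q)), prob)
            for occ, prob in scenarios(P)]

def expected_loss(dist):
    return sum(loss * prob for loss, prob in dist)

def cvar(dist, alpha):
    """Mean loss over the worst (1 - alpha) probability mass."""
    remaining, total = 1.0 - alpha, 0.0
    for loss, prob in sorted(dist, reverse=True):
        take = min(prob, remaining)   # split the scenario that straddles the tail
        total += loss * take
        remaining -= take
    return total / (1.0 - alpha)

def best_portfolio(budget, alpha, lam):
    """Enumerate portfolios within budget; minimize lam*E + (1-lam)*CVaR."""
    best = None
    for k in range(len(COST) + 1):
        for pf in combinations(range(len(COST)), k):
            if sum(COST[j] for j in pf) <= budget:
                d = loss_distribution(pf)
                score = lam * expected_loss(d) + (1 - lam) * cvar(d, alpha)
                if best is None or score < best[0]:
                    best = (score, pf)
    return best
```

Enumeration grows as 2^m scenarios times 2^n portfolios, which is why instances of the size reported in the computational examples (10 threats, 1024 scenarios) are solved as integer programs instead.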