
Risk-averse bi-level stochastic network interdiction model for cyber-security risk management

Authors
  • Bhuiyan, Tanveer Hossain
  • Medal, Hugh R.
  • Nandi, Apurba K.
  • Halappanavar, Mahantesh

Abstract

This paper proposes a methodology to enable a risk-averse, resource-constrained cyber network defender to optimally deploy security countermeasures that protect against potential attackers with an uncertain budget. The proposed methodology is based on a risk-averse bi-level stochastic network interdiction model on an attack graph (which maps the potential attack paths of a cyber network) that minimizes the weighted sum of the expected maximum loss over all attack scenarios and the risk of substantially large losses. The conditional-value-at-risk measure is incorporated into the stochastic programming model to reduce the risk of substantially large losses. An exact algorithm is developed to solve the model, along with several acceleration techniques to improve the computational efficiency. Numerical experiments demonstrate that the acceleration techniques enable the solution of relatively large problems within a reasonable amount of time: simultaneously applying all the acceleration techniques reduces the average computation time of the basic algorithm by 71% for 100-node graphs. Computational results, evaluated with metrics called the mean-risk value of stochastic solution and the value of risk-aversion, suggest that the stochastic risk-averse model provides substantially better network interdiction decisions than the deterministic (which ignores uncertainty) and risk-neutral models when 1) the distribution of the attacker budget is heavy-right-tailed and 2) the defender is highly risk-averse.

Suggested Citation

  • Bhuiyan, Tanveer Hossain & Medal, Hugh R. & Nandi, Apurba K. & Halappanavar, Mahantesh, 2021. "Risk-averse bi-level stochastic network interdiction model for cyber-security risk management," International Journal of Critical Infrastructure Protection, Elsevier, vol. 32(C).
  • Handle: RePEc:eee:ijocip:v:32:y:2021:i:c:s1874548221000019
    DOI: 10.1016/j.ijcip.2021.100408

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S1874548221000019
    Download Restriction: Full text for ScienceDirect subscribers only


    Citations


    Cited by:

    1. Li, Qing & Li, Mingchu & Tian, Yuan & Gan, Jianyuan, 2023. "A risk-averse tri-level stochastic model for locating and recovering facilities against attacks in an uncertain environment," Reliability Engineering and System Safety, Elsevier, vol. 229(C).

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Chaya Losada & M. Scaparra & Richard Church & Mark Daskin, 2012. "The stochastic interdiction median problem with disruption intensity levels," Annals of Operations Research, Springer, vol. 201(1), pages 345-365, December.
    2. Zhou, Rui & Bhuiyan, Tanveer Hossain & Medal, Hugh R. & Sherwin, Michael D. & Yang, Dong, 2022. "A stochastic programming model with endogenous uncertainty for selecting supplier development programs to proactively mitigate supplier risk," Omega, Elsevier, vol. 107(C).
    3. Li, Qing & Li, Mingchu & Zhang, Runfa & Gan, Jianyuan, 2021. "A stochastic bilevel model for facility location-protection problem with the most likely interdiction strategy," Reliability Engineering and System Safety, Elsevier, vol. 216(C).
    4. Beck, Yasmine & Ljubić, Ivana & Schmidt, Martin, 2023. "A survey on bilevel optimization under uncertainty," European Journal of Operational Research, Elsevier, vol. 311(2), pages 401-426.
    5. Matteo Fischetti & Ivana Ljubić & Michele Monaci & Markus Sinnl, 2019. "Interdiction Games and Monotonicity, with Application to Knapsack Problems," INFORMS Journal on Computing, INFORMS, vol. 31(2), pages 390-410, April.
    6. Gentile, José & Alves Pessoa, Artur & Poss, Michael & Costa Roboredo, Marcos, 2018. "Integer programming formulations for three sequential discrete competitive location problems with foresight," European Journal of Operational Research, Elsevier, vol. 265(3), pages 872-881.
    7. Bhuiyan, Tanveer Hossain & Medal, Hugh R. & Harun, Sarah, 2020. "A stochastic programming model with endogenous and exogenous uncertainty for reliable network design under random disruption," European Journal of Operational Research, Elsevier, vol. 285(2), pages 670-694.
    8. Li, Qing & Li, Mingchu & Tian, Yuan & Gan, Jianyuan, 2023. "A risk-averse tri-level stochastic model for locating and recovering facilities against attacks in an uncertain environment," Reliability Engineering and System Safety, Elsevier, vol. 229(C).
    9. Li, Qing & Li, Mingchu & Gong, Zhongqiang & Tian, Yuan & Zhang, Runfa, 2022. "Locating and protecting interdependent facilities to hedge against multiple non-cooperative limited choice attackers," Reliability Engineering and System Safety, Elsevier, vol. 223(C).
    10. Karabulut, Ezgi & Aras, Necati & Kuban Altınel, İ., 2017. "Optimal sensor deployment to increase the security of the maximal breach path in border surveillance," European Journal of Operational Research, Elsevier, vol. 259(1), pages 19-36.
    11. Losada, Chaya & Scaparra, M. Paola & O’Hanley, Jesse R., 2012. "Optimizing system resilience: A facility protection model with recovery time," European Journal of Operational Research, Elsevier, vol. 217(3), pages 519-530.
    12. Sahling, Florian & Kayser, Ariane, 2016. "Strategic supply network planning with vendor selection under consideration of risk and demand uncertainty," Omega, Elsevier, vol. 59(PB), pages 201-214.
    13. Fernández, Elena & Hinojosa, Yolanda & Puerto, Justo & Saldanha-da-Gama, Francisco, 2019. "New algorithmic framework for conditional value at risk: Application to stochastic fixed-charge transportation," European Journal of Operational Research, Elsevier, vol. 277(1), pages 215-226.
    14. Ghaffarinasab, Nader & Çavuş, Özlem & Kara, Bahar Y., 2023. "A mean-CVaR approach to the risk-averse single allocation hub location problem with flow-dependent economies of scale," Transportation Research Part B: Methodological, Elsevier, vol. 167(C), pages 32-53.
    15. Marius Häntsch & Arnd Huchzermeier, 2013. "Identifying, analyzing, and assessing risk in the strategic planning of a production network: the practical view of a German car manufacturer," Metrika: International Journal for Theoretical and Applied Statistics, Springer, vol. 24(2), pages 125-158, July.
    16. Liu, Kanglin & Li, Qiaofeng & Zhang, Zhi-Hai, 2019. "Distributionally robust optimization of an emergency medical service station location and sizing problem with joint chance constraints," Transportation Research Part B: Methodological, Elsevier, vol. 119(C), pages 79-101.
    17. Li, Yulong & Lin, Jie & Zhang, Chi & Zhu, Huaxing & Zeng, Saixing & Sun, Chengshaung, 2022. "Joint optimization of structure and protection of interdependent infrastructure networks," Reliability Engineering and System Safety, Elsevier, vol. 218(PB).
    18. Fischetti, Matteo & Monaci, Michele & Sinnl, Markus, 2018. "A dynamic reformulation heuristic for Generalized Interdiction Problems," European Journal of Operational Research, Elsevier, vol. 267(1), pages 40-51.
    19. Zhang, Ying & Snyder, Lawrence V. & Ralphs, Ted K. & Xue, Zhaojie, 2016. "The competitive facility location problem under disruption risks," Transportation Research Part E: Logistics and Transportation Review, Elsevier, vol. 93(C), pages 453-473.
    20. Liu Su & Changhyun Kwon, 2020. "Risk-Averse Network Design with Behavioral Conditional Value-at-Risk for Hazardous Materials Transportation," Transportation Science, INFORMS, vol. 54(1), pages 184-203, January.
