Author
Listed:
- Alhidaifi, Saleh Mohammed
- Asghar, Muhammad Rizwan
- Ansari, Imran Shafique
Abstract
In today’s digital landscape, ensuring IT infrastructure resilience against increasingly frequent and sophisticated cyber-attacks is a critical priority. Cyber resilience is the ability of a system or organisation to anticipate and recover from cyber-attacks. Effective cyber resilience quantification enables systematic analysis and comparison of IT infrastructures. Cyber resilience involves resisting and recovering from cyber-attacks. Cyber resilience refers to the ability of a system to absorb, recover from, and adapt to cyber-attacks. However, existing approaches often fail to integrate dynamic probabilistic assessment methods that capture resilience fluctuations over time. This study introduces the Probabilistic Estimation-based Quantification Model for Cyber Resilience (PEQCRM), a novel framework that enhances cyber resilience measurement and strategic decision-making. The proposed model incorporates Resilience Curves (RC) and the Area Under the Curve (AUC) methodology to quantify resilience over attack and recovery phases. Additionally, it expands traditional resilience assessment by integrating cyber resilience strategies as key influencing factors. The PEQCRM model is evaluated through extensive simulations to assess its effectiveness in real-world cybersecurity scenarios. Findings reveal that different resilience strategies exhibit varying adoption, absorption, and recovery effectiveness levels. This study evaluates the extent to which a strategy can mitigate initial attack impact and adoption for the extent to which organisations implement and sustain strategy levels of four different cyber resilience strategies. Specifically, the pre-configuration strategy demonstrates the highest level of preparedness and adoption, while the buffering-supported strategy has the lowest absorption level. The managing complexity strategy achieves the highest absorption level, whereas the mesh topology strategy exhibits strong recovery capabilities and adoption rates.
Suggested Citation
Alhidaifi, Saleh Mohammed & Asghar, Muhammad Rizwan & Ansari, Imran Shafique, 2026.
"Cyber resilience quantification: A probabilistic estimation model for IT infrastructure,"
Reliability Engineering and System Safety, Elsevier, vol. 265(PB).
Handle:
RePEc:eee:reensy:v:265:y:2026:i:pb:s0951832025006738
DOI: 10.1016/j.ress.2025.111473
Download full text from publisher
As the access to this document is restricted, you may want to
for a different version of it.
Corrections
All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:reensy:v:265:y:2026:i:pb:s0951832025006738. See general information about how to correct material in RePEc.
If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.
We have no bibliographic references for this item. You can help adding them by using this form .
If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/reliability-engineering-and-system-safety .
Please note that corrections may take a couple of weeks to filter through
the various RePEc services.
Printed from https://ideas.repec.org/a/eee/reensy/v265y2026ipbs0951832025006738.html
My bibliography
Save this article