IDEAS home Printed from https://ideas.repec.org/a/taf/lstaxx/v49y2020i9p2158-2175.html
   My bibliography  Save this article

A stochastic model of cyber attacks with imperfect detection

Author

Listed:
  • Rui Fang
  • Xiaohu Li

Abstract

This paper introduces a cyber security model with imperfect detection, in which one attacker launches multiple attacks against the target with adjusted strength based on the previous attacking outcome. Several sufficient conditions leading to the usual stochastic order on the first time to observe a truly compromised target, to observe a successful attack and to compromise the target are developed, respectively. The probability for the target to be truly compromised before observing some number of successful attacks is proved to increase (decrease) in the attacking (defense) strength. Monte Carlo simulations are also conducted to empirically illustrate the theoretical results.

Suggested Citation

  • Rui Fang & Xiaohu Li, 2020. "A stochastic model of cyber attacks with imperfect detection," Communications in Statistics - Theory and Methods, Taylor & Francis Journals, vol. 49(9), pages 2158-2175, May.
    • Handle: RePEc:taf:lstaxx:v:49:y:2020:i:9:p:2158-2175
    DOI: 10.1080/03610926.2019.1568489
    as

    Download full text from publisher

    File URL: http://hdl.handle.net/10.1080/03610926.2019.1568489
    Download Restriction: Access to full text is restricted to subscribers.
    File URL: https://libkey.io/10.1080/03610926.2019.1568489?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Hausken, Kjell, 2017. "Defense and attack for interdependent systems," European Journal of Operational Research, Elsevier, vol. 256(2), pages 582-591.
    2. Vicki Bier & Santiago Oliveros & Larry Samuelson, 2007. "Choosing What to Protect: Strategic Defensive Allocation against an Unknown Attacker," Journal of Public Economic Theory, Association for Public Economic Theory, vol. 9(4), pages 563-587, August.
    3. Levitin, Gregory & Hausken, Kjell, 2009. "Parallel systems under two sequential attacks," Reliability Engineering and System Safety, Elsevier, vol. 94(3), pages 763-772.
    4. Hausken, Kjell, 2010. "Defense and attack of complex and dependent systems," Reliability Engineering and System Safety, Elsevier, vol. 95(1), pages 29-42.
    5. Hu, Xiaoxiao & Xu, Maochao & Xu, Shouhuai & Zhao, Peng, 2017. "Multiple cyber attacks against a target with observation errors and dependent outcomes: Characterization and optimization," Reliability Engineering and System Safety, Elsevier, vol. 159(C), pages 119-133.
    6. K Hausken & G Levitin, 2009. "Parallel systems with different types of defence resource expenditure under two sequential attacks," Journal of Risk and Reliability, , vol. 223(1), pages 71-85, March.
    7. Gregory Levitin & Kjell Hausken, 2012. "Resource Distribution in Multiple Attacks with Imperfect Detection of the Attack Outcome," Risk Analysis, John Wiley & Sons, vol. 32(2), pages 304-318, February.
    8. Emilio De Santis & Fabio Spizzichino, 2016. "Usual and stochastic tail orders between hitting times for two Markov chains," Applied Stochastic Models in Business and Industry, John Wiley & Sons, vol. 32(4), pages 526-538, July.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Hu, Xiaoxiao & Xu, Maochao & Xu, Shouhuai & Zhao, Peng, 2017. "Multiple cyber attacks against a target with observation errors and dependent outcomes: Characterization and optimization," Reliability Engineering and System Safety, Elsevier, vol. 159(C), pages 119-133.
    2. Chen, Die & Xu, Maochao & Shi, Weidong, 2018. "Defending a cyber system with early warning mechanism," Reliability Engineering and System Safety, Elsevier, vol. 169(C), pages 224-234.
    3. Chen, Shun & Zhao, Xudong & Chen, Zhilong & Hou, Benwei & Wu, Yipeng, 2022. "A game-theoretic method to optimize allocation of defensive resource to protect urban water treatment plants against physical attacks," International Journal of Critical Infrastructure Protection, Elsevier, vol. 36(C).
    4. Abdolmajid Yolmeh & Melike Baykal-Gürsoy, 2019. "Two-Stage Invest–Defend Game: Balancing Strategic and Operational Decisions," Decision Analysis, INFORMS, vol. 16(1), pages 46-66, March.
    5. Qingqing Zhai & Rui Peng & Jun Zhuang, 2020. "Defender–Attacker Games with Asymmetric Player Utilities," Risk Analysis, John Wiley & Sons, vol. 40(2), pages 408-420, February.
    6. Dan Kovenock & Brian Roberson, 2012. "Strategic Defense And Attack For Series And Parallel Reliability Systems: Comment," Defence and Peace Economics, Taylor & Francis Journals, vol. 23(5), pages 507-515, October.
    7. Wei Wang & Francesco Di Maio & Enrico Zio, 2019. "Adversarial Risk Analysis to Allocate Optimal Defense Resources for Protecting Cyber–Physical Systems from Cyber Attacks," Risk Analysis, John Wiley & Sons, vol. 39(12), pages 2766-2785, December.
    8. Bose, Gautam & Konrad, Kai A., 2020. "Devil take the hindmost: Deflecting attacks to other defenders," Reliability Engineering and System Safety, Elsevier, vol. 204(C).
    9. Mohammad E. Nikoofal & Mehmet Gümüs, 2015. "On the value of terrorist’s private information in a government’s defensive resource allocation problem," IISE Transactions, Taylor & Francis Journals, vol. 47(6), pages 533-555, June.
    10. Rui Peng & Di Wu & Mengyao Sun & Shaomin Wu, 2021. "An attack-defense game on interdependent networks," Journal of the Operational Research Society, Taylor & Francis Journals, vol. 72(10), pages 2331-2341, October.
    11. Krishna Kalyanam & David Casbeer & Meir Pachter, 2020. "A sequential partial information bomber‐defender shooting problem," Naval Research Logistics (NRL), John Wiley & Sons, vol. 67(3), pages 223-235, April.
    12. Ben Yaghlane, Asma & Azaiez, M. Naceur, 2017. "Systems under attack-survivability rather than reliability: Concept, results, and applications," European Journal of Operational Research, Elsevier, vol. 258(3), pages 1156-1164.
    13. Starita, Stefano & Scaparra, Maria Paola, 2016. "Optimizing dynamic investment decisions for railway systems protection," European Journal of Operational Research, Elsevier, vol. 248(2), pages 543-557.
    14. Simon, Jay & Omar, Ayman, 2020. "Cybersecurity investments in the supply chain: Coordination and a strategic attacker," European Journal of Operational Research, Elsevier, vol. 282(1), pages 161-171.
    15. Xuefeng Wang & Zhinan Wang & Ying Huang & Yun Chen & Yi Zhang & Huichao Ren & Rongrong Li & Jinhui Pang, 2017. "Measuring interdisciplinarity of a research system: detecting distinction between publication categories and citation categories," Scientometrics, Springer;Akadémiai Kiadó, vol. 111(3), pages 2023-2039, June.
    16. Zhang, Jing & Zhuang, Jun & Jose, Victor Richmond R., 2018. "The role of risk preferences in a multi-target defender-attacker resource allocation game," Reliability Engineering and System Safety, Elsevier, vol. 169(C), pages 95-104.
    17. Gao, Xing & Zhong, Weijun & Mei, Shue, 2013. "A game-theory approach to configuration of detection software with decision errors," Reliability Engineering and System Safety, Elsevier, vol. 119(C), pages 35-43.
    18. Konrad, Kai A., 2020. "Attacking and defending multiple valuable secrets in a big data world," European Journal of Operational Research, Elsevier, vol. 280(3), pages 1122-1129.
    19. Xiao, Hui & Lin, Chen & Kou, Gang & Peng, Rui, 2020. "Optimal resource allocation for defending k-out-of-n systems against sequential intentional and unintentional impacts," Reliability Engineering and System Safety, Elsevier, vol. 201(C).
    20. Li, Qing & Li, Mingchu & Zhang, Runfa & Gan, Jianyuan, 2021. "A stochastic bilevel model for facility location-protection problem with the most likely interdiction strategy," Reliability Engineering and System Safety, Elsevier, vol. 216(C).

    More about this item

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:taf:lstaxx:v:49:y:2020:i:9:p:2158-2175. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Chris Longhurst (email available below). General contact details of provider: http://www.tandfonline.com/lsta .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.