Selection of optimal countermeasure portfolio in IT security planning
![Page 1: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/1.jpg)
Selection of optimal countermeasure portfolio in IT security planning
Adviser: Frank, Yeong-Sung Lin
Presenter: Yi-Cin Lin
![Page 2: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/2.jpg)
While this formulation has more variables than our original non-linear formulation, it should still solve more quickly than its non-linear counterpart.
Model
Single-objective
Risk-neutral: Minimize expected cost (SP_E)
Risk-averse: Minimization of expected worst-case cost (SP_CV)
NSP_E
Bi-objective
![Page 3: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/3.jpg)
Notation
Total of potential scenarios.
Problem description
![Page 4: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/4.jpg)
Denote by the probability of threat .
Notation
The probability of attack scenario in the presence of independent threat events is
Problem description
![Page 5: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/5.jpg)
Notation
◦ indicates that countermeasure totally prevents successful attacks of threat .
◦ denotes that countermeasure is totally incapable of mitigating threat .
Problem description
![Page 6: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/6.jpg)
Notation
The subset of selected countermeasures must satisfy the available budget constraint
Problem description
![Page 7: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/7.jpg)
This added level of specificity is necessary to maintain the linearity of the formulation.
Also, it improves the model’s flexibility by allowing for the possibility of a countermeasure being implemented at numerous levels.
Minimization of expected cost- NSP_E
![Page 8: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/8.jpg)
Countermeasure is selected at exactly one level i.e.,
Notation
Minimization of expected cost- NSP_E
![Page 9: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/9.jpg)
Model NSP_E: Minimize Expected Cost (1)
Subject to
Minimization of expected cost- NSP_E
COST
![Page 10: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/10.jpg)
Minimization of expected cost- SP_E
Single-objective
Risk-neutral: Minimize expected cost (SP_E)
Risk-averse: Minimization of expected worst-case cost (SP_CV)
NSP_E
Bi-objective
![Page 11: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/11.jpg)
The nonlinear objective function (1) can be replaced with a formula
Minimization of expected cost- SP_E
![Page 12: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/12.jpg)
In order to compute for each threat , a recursive procedure is proposed below.
Minimization of expected cost- SP_E
![Page 13: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/13.jpg)
For each threat and countermeasure can be calculated recursively as follows.
The initial condition is
The remaining terms
Minimization of expected cost- SP_E
![Page 14: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/14.jpg)
In order to eliminate nonlinear terms in the right-hand side of Eq. (10), define an auxiliary variable
Minimization of expected cost- SP_E
![Page 15: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/15.jpg)
and, in particular, for
Minimization of expected cost- SP_E
![Page 18: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/18.jpg)
Comparison of Eqs. (12) and (15) produces the following relation
Minimization of expected cost- SP_E
![Page 20: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/20.jpg)
The above procedure eliminates all variables
for each .
Summarizing, the proportion of successful attacks = in For each threat can be calculated recursively, using Eqs. (17), (16) and (13) with replaced by .
Minimization of expected cost- SP_E
![Page 21: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/21.jpg)
Model SP_E: Minimize Expected Cost (5)
subject to 1. Countermeasure selection constraints Eqs. (2) and (3).
Minimization of expected cost- SP_E
![Page 22: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/22.jpg)
Subject to 2. Surviving threats balance constraints
Minimization of expected cost- SP_E
(17)
(16)
(15)
![Page 23: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/23.jpg)
Minimize conditional value-at-risk
Single-objective
Risk-neutral: Minimize expected cost (SP_E)
Risk-averse: Minimization of expected worst-case cost (SP_CV)
NSP_E
Bi-objective
![Page 25: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/25.jpg)
Notation
Model SP_CV: Minimize
Minimize conditional value-at-risk
![Page 26: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/26.jpg)
Subject to
1. Countermeasure selection constraints: Eqs. (2)–(3).
2. Surviving threats balance constraints: Eqs. (18)–(21).
3. Risk constraints:
4. Non-negativity and integrality conditions: Eqs. (22)–(24)
Minimize conditional value-at-risk
![Page 27: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/27.jpg)
Minimize conditional value-at-risk
Single-objective
Risk-neutral: Minimize expected cost (SP_E, SP_E+B)
Risk-averse: Minimization of expected worst-case cost (SP_CV, SP_CV+B)
Bi-objective
![Page 28: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/28.jpg)
Models SP_E and SP_CV can be enhanced for simultaneous optimization of the expenditures on countermeasures and the cost of losses from successful attacks.
◦ Removed constraints (3)
◦
Minimize conditional value-at-risk
![Page 29: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/29.jpg)
Model SP_E+B: Minimize Required Budget and Expected Cost
subject to Eqs. (2), (18)–(24) and (28)
Minimize conditional value-at-risk
![Page 30: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/30.jpg)
Model SP_CV+B: Minimize Required Budget and CVaR
subject to Eqs. (2) and (18)–(28)
Minimize conditional value-at-risk
![Page 31: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/31.jpg)
Introduction
Problem description
Model
◦ Single-objective approach
◦ Bi-objective approach
Computational examples
Conclusion
Agenda
![Page 32: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/32.jpg)
Bi-objective approach
Single-objective
Risk-neutral: Minimize expected cost (SP_E)
Risk-averse: Minimization of expected worst-case cost (SP_CV)
NSP_E
Bi-objective
![Page 33: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/33.jpg)
In the single objective approach the countermeasure portfolio is selected by minimizing either the expected loss (plus the required budget) or the expected worst-case loss (plus the required budget).
Bi-objective approach
![Page 34: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/34.jpg)
Model WSP: Minimize
Subject to
Eqs. (2), (5) and (18)–(28)
Bi-objective approach
![Page 35: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/35.jpg)
Decision maker controls
◦ Risk of high losses by choosing the confidence level α
◦ Trade-off between expected and worst-case losses by choosing the trade-off parameter λ.
Bi-objective approach
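The scenario-based selection described in these slides, as an added example that is not code from the presentation or the underlying paper. It assumes the usual product form for scenario probabilities under independent threats, a multiplicative surviving fraction per threat, and a weighted sum of the form λ·(expected loss) + (1−λ)·CVaR; all data values are constructed, and brute-force enumeration stands in for the mixed integer program.

```python
from itertools import product
from math import prod

# Constructed sample data (not from the slides): 3 threats, 3 countermeasures.
P = [0.5, 0.2, 0.1]            # probability of each independent threat
D = [100.0, 400.0, 1000.0]     # loss if the threat succeeds unmitigated
E = [[0.9, 0.0, 0.0],          # E[i][j]: effectiveness of countermeasure j on threat i
     [0.0, 0.5, 0.0],          # 1 = totally prevents, 0 = totally incapable
     [0.0, 0.0, 1.0]]
C = [30.0, 40.0, 60.0]         # countermeasure costs
BUDGET = 100.0                 # available budget

def scenarios(p):
    """Yield (threat indicator tuple, probability) for all 2^m attack scenarios."""
    for s in product((0, 1), repeat=len(p)):
        yield s, prod(pi if hit else 1.0 - pi for hit, pi in zip(s, p))

def loss_distribution(v):
    """List of (loss, probability) per scenario for a 0/1 portfolio v."""
    # Assumed form: fraction of attacks of threat i surviving the portfolio.
    surv = [prod(1.0 - e * vj for e, vj in zip(row, v)) for row in E]
    return [(sum(h * d * q for h, d, q in zip(s, D, surv)), pr)
            for s, pr in scenarios(P)]

def expected_loss(dist):
    return sum(loss * pr for loss, pr in dist)

def cvar(dist, alpha):
    """Mean loss over the worst (1 - alpha) of probability mass, splitting atoms."""
    if not 0.0 <= alpha < 1.0:
        raise ValueError("alpha must be in [0, 1)")
    tail = left = 1.0 - alpha
    acc = 0.0
    for loss, pr in sorted(dist, reverse=True):
        take = min(pr, left)
        acc += loss * take
        left -= take
        if left <= 1e-12:
            break
    return acc / tail

def best_portfolio(lam, alpha):
    """Budget-feasible portfolio minimising lam*E[loss] + (1-lam)*CVaR (assumed weighting)."""
    feasible = [v for v in product((0, 1), repeat=len(C))
                if sum(c * x for c, x in zip(C, v)) <= BUDGET]
    def score(v):
        dist = loss_distribution(v)
        return lam * expected_loss(dist) + (1.0 - lam) * cvar(dist, alpha)
    return min(feasible, key=score)
```

With this data and α = 0.9, the portfolio with the lowest expected loss is not the one with the lowest CVaR, so the selected portfolio changes as λ moves toward 1.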
![Page 36: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/36.jpg)
Introduction
Problem description
Model
◦ Single-objective approach
◦ Bi-objective approach
Computational examples
Conclusion
Agenda
![Page 37: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/37.jpg)
The data set is similar to the one presented in [20], which was based on the threat set reported on the IT security forum EndpointSecurity.org.
Computational examples
![Page 39: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/39.jpg)
= , the number of threats and the number of countermeasures, were equal to 10, and the corresponding number of potential attack scenarios, was equal to 1024.
Computational examples
![Page 48: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/48.jpg)
For the bi-objective approach, the subsets of nondominated solutions were computed by solving the weighted-sum program WSP, parameterized on λ∈{0.01,0.10,0.25,0.50,0.75,0.90,0.99}.
Computational examples
![Page 51: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/51.jpg)
A critical issue that needs to be considered before any practical application of the proposed models is attempted, however, is the estimation of probabilities and the resulting losses associated with each type of threat and countermeasure.
Conclusion
![Page 52: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/52.jpg)
In practice, threat likelihood estimates are provided by security experts (e.g., [24]) and complete distributional information is not available.
However, the proposed scenario-based approach does not require such complete information to be available and only assumes independence of different threat events.
Conclusion
![Page 53: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/53.jpg)
The computational experiments prove that for a limited number of attack scenarios considered, the optimal risk-averse portfolio can be found within CPU seconds, using the Gurobi solver for mixed integer programming.
Conclusion
![Page 54: Selection of optimal countermeasure portfolio in IT security planning](https://reader035.vdocument.in/reader035/viewer/2022081520/568162bc550346895dd347bf/html5/thumbnails/54.jpg)
Thanks for listening!