Managing cyber security resources via simulation-based optimization

Simulation-based optimization (SO) has been applied in many different application areas with the objective of searching for the settings of controllable decision variables that yield the minimum (maximum) expected performance of a stochastic system. Here we propose an SO method to deal with computer/network security related to systems for conditional access. The basic idea consists in designing and developing a simulation-based optimization tool to evaluate cyber attack tolerance along with the related performance degradation. In particular, we optimize training-based recovery actions aimed at restoring the target quality of service level for the services under attack while enhancing the knowledge of the human resources (i.e. analysts) engaged in defending cyber security assets. An illustrative example is presented to show how system performance varies according to whether the analysts in a cyber defense team (i.e. the controllable decision variables) are called to work alone or in consultation with other analysts.
