Optimal Backup Strategies Against Cyber Attacks

We introduce a new problem of finding the best way to protect a computer system against cyber and ransomware attacks by choosing an optimal backup scheme using k storage devices. While in standard backup schemes it is beneficial to backup as frequently as possible, in the case of sophisticated cyber attacks any attempt to connect a backup device to an already infected computer is likely to stealthily corrupt its data and thus make it unusable when the actual attack happens. Our formalization of the problem casts it as a special case of an online/offline optimization problem, in which the defender tries to minimize the maximal extra cost caused by his lack of knowledge about the time of the infection. Any backup scheme can be viewed as a very simple pebbling game where in each step any one of the k backup pebbles can be moved to any point to the right of all the pebbles along the time axis, and the goal of the game is to keep the pebbles as evenly spread as possible at all times. However, its optimal solution is surprisingly complicated and leads to interesting combinatorial questions which are reminiscent of questions in discrepancy theory. For small k's, we find provably optimal backup strategies for all k<10, and each case seems to be somewhat different: For k=3 the best schedule uses backup times which form a simple geometric progression based on the golden ratio, but already for k=4 there is no geometric progression can be optimal and the efficiency of the best online scheme is worse than the efficiency of the best offline scheme by a strange factor of 2/(1+cos(2pi/7)). For k=8 the optimal order of device updates is highly complicated: 1,2,4,7,5,3,1,7,5,3,7,1,4,2,4,5,... while for k=9 it is much simpler. We consider the case of arbitrarily large values of k, and prove a matching upper and lower bound of ln(4) on the asymptotic of optimal backup schemes when k goes to infinity.