Abstract
We consider the Proactive Countermeasure Selection Problem (PCSP) for complex Information and Communication Technology (ICT) systems. Given 1) the Risk Assessment Graphs (RAGs), a set of digraphs, in which a node is either an access point which is the start point of an attacker, or an asset-vulnerability node to be secured; 2) a positive security threshold for each access point and each asset-vulnerability node; and 3) a set of countermeasures to deploy on the asset-vulnerability nodes, the PCSP consists in selecting the countermeasures placement with minimal cost, guaranteeing the security of all the most likely paths- from attackers point of view-between each access point and each asset-vulnerability node.We propose a bilevel programming model for the PCSP. We present two single-level reformulations of the bilevel program. The first formulation is a compact one, based on primal-dual optimality conditions. The second formulation is an extended one, employing an exponential number of path constraints. We propose a branch-and-cut algorithm to solve this formulation to optimality. Several series of experiments are conducted on random instances showing the efficiency of the branch-and-cut algorithm to solve the extended formulation. In addition, preliminary computational comparisons between the two formulations are discussed.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
