A mathematical framework to reason about time resilience in cybersecurity is here introduced. We first consider an attacker who is able to mount several multi-stage attacks on the organization: the defender’s objective is to select an optimal portfolio of security controls, within a given budget, to withstand the highest number of attacks. The mathematical model is a Markov chain with an initial state called the safe state, intermediate states for all possible attacks (each attack state denoting a probabilistic attack graph), and a sink state denoting a successful attack. The overall defence problem is formulated as a bi-level multi-objective optimization, i.e., the defender selects an optimal portfolio of security controls to mitigate an optimal attacker. In order to determine the probability of success of an attack two cases will be considered: (a) the expected probability of success and (b) the highest probability of success. We refer to these two cases as expected-time analysis and worst-case time analysis, respectively. To solve precisely these bi-level optimizations strong duality and Mixed Integer Linear Programming are used. We then extend the framework to investigate resilience in terms of the total duration of the attacks; variations of the previous optimizations are presented to this purpose. Finally numerical evaluations are provided to compare the results obtained from the expected-time analysis and the worst-case time analysis.
Read full abstract