English

The structure of rooted weighted trees modeling layered cyber-security systems

Agnarsson Geir; Greenlaw Raymond; Kantabutra Sanpawat: The structure of rooted weighted trees modeling layered cyber-security systems. In: Acta cybernetica, (22) 4. pp. 25-59. (2016)

[thumbnail of actacyb_22_4_2016_2.pdf]
Előnézet
 Cikk, tanulmány, mű
actacyb_22_4_2016_2.pdf
Letöltés (492kB) | Előnézet

Absztrakt (kivonat)

In this paper we consider the structure and topology of a layered-security model in which the containers and their nestings are given in the form of a rooted tree T. A cyber-security model is an ordered three-tuple M = (T, C, P) where C and P are multisets of penetration costs for the containers and target-acquisition values for the prizes that are located within the containers, respectively, both of the same cardinality as the set of the non-root vertices of T. The problem that we study is to assign the penetration costs to the edges and the target-acquisition values to the vertices of the tree T in such a way that minimizes the total prize that an attacker can acquire given a limited budget. The attacker breaks into containers starting at the root of T and once a vertex has been broken into, its children can be broken into by paying the associated penetration costs. The attacker must deduct the corresponding penetration cost from the budget, as each new container is broken into. For a given assignment of costs and target values we obtain a security system. We show that in general it is not possible to develop an optimal security system for a given cyber-security model M. We define P- and C-models where the penetration costs and prizes, respectively, all have unit value. We show that if T is a rooted tree such that any P- or C-model M = (T, C, P) has an optimal security system, then T is one of the following types: (i) a rooted path, (ii) a rooted star, (iii) a rooted 3-caterpillar, or (iv) a rooted 4-spider. Conversely, if T is one of these four types of trees, then we show that any P- or C-model M = (T, C, P) does have an optimal security system. Finally, we study a duality between P- and C-models that allows us to translate results for P-models into corresponding results for C-models and vice versa. The results obtained give us some mathematical insights into how layered-security defenses should be organized.

Mű típusa: Cikk, tanulmány, mű
Befoglaló folyóirat/kiadvány címe: Acta cybernetica
Dátum: 2016
Kötet: 22
Szám: 4
ISSN: 0324-721X
Oldalak: pp. 25-59
Nyelv: angol
Kiadás helye: Szeged
Befoglaló mű URL: http://acta.bibl.u-szeged.hu/46414/
DOI: 10.14232/actacyb.22.4.2016.2
Kulcsszavak: Számítógépes támadások - biztonság, Vírusvédelem
Megjegyzések: Bibliogr.: p. 768-769. ; összefoglalás angol nyelven
Szakterület: 01. Természettudományok
01. Természettudományok > 01.02. Számítás- és információtudomány
Feltöltés dátuma: 2017. már. 16. 14:27
Utolsó módosítás: 2022. jún. 20. 12:04
URI: http://acta.bibl.u-szeged.hu/id/eprint/46418
Bővebben:
Tétel nézet Tétel nézet
Itt kérhet technikai vagy tartalmi segítséget: contenta AT ek.szte.hu
SZTE Egyetemi Kiadványok is powered by EPrints 3 which is developed by the School of Electronics and Computer Science at the University of Southampton. More information and software credits.