期刊
NAVAL RESEARCH LOGISTICS
卷 66, 期 5, 页码 411-429出版社
WILEY
DOI: 10.1002/nav.21859
关键词
cybersecurity; infrastructure protection; Lagrangian relaxation; network interdiction models
资金
- National Science Foundation [1422768]
- Divn Of Social and Economic Sciences
- Direct For Social, Behav & Economic Scie [1422768] Funding Source: National Science Foundation
Information technology (IT) infrastructure relies on a globalized supply chain that is vulnerable to numerous risks from adversarial attacks. It is important to protect IT infrastructure from these dynamic, persistent risks by delaying adversarial exploits. In this paper, we propose max-min interdiction models for critical infrastructure protection that prioritizes cost-effective security mitigations to maximally delay adversarial attacks. We consider attacks originating from multiple adversaries, each of which aims to find a critical path through the attack surface to complete the corresponding attack as soon as possible. Decision-makers can deploy mitigations to delay attack exploits, however, mitigation effectiveness is sometimes uncertain. We propose a stochastic model variant to address this uncertainty by incorporating random delay times. The proposed models can be reformulated as a nested max-max problem using dualization. We propose a Lagrangian heuristic approach that decomposes the max-max problem into a number of smaller subproblems, and updates upper and lower bounds to the original problem via subgradient optimization. We evaluate the perfect information solution value as an alternative method for updating the upper bound. Computational results demonstrate that the Lagrangian heuristic identifies near-optimal solutions efficiently, which outperforms a general purpose mixed-integer programming solver on medium and large instances.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据