On optimal strategies in protecting computer networks

Strategies of defending a computer network against random attacks are modeled by probabilistic methods. A single-stage model is introduced to find the optimal allocation of the resources of the administrator when the network has multiple possible targets. The location of the actual attack is random, the probability of which can be assessed by the administrator from previous interactions with the attacker and based on intelligence information. The expected value and the variance are combined to find the certain equivalent of the outcome, which depends on the allocation of the resources of the administrator between the vulnerabilities of the network. The mathematical model is a nonconvex programming problem, so application of standard optimization techniques cannot guarantee global optimum. By introducing new decision variables the problem can be transformed into a convex problem, the optimal solutions of which can be determined by a simple algorithm by solving a single-variable monotonic equation. This procedure makes the administrator able to find optimal resource allocations very fast and therefore can respond almost instantaneously.