DocumentCode
3427918
Title
Short Paper: Dynamic Risk Mitigation for ´Self-defending´ Network Security
Author
Bambos, Nicholas
Author_Institution
Stanford University
fYear
2005
fDate
05-09 Sept. 2005
Firstpage
421
Lastpage
424
Abstract
We introduce1 a novel probabilistic modeling2 framework, which captures key performance tradeoffs arising in information network security. Given a set of resources available to protect and defend a network, how should those be dynamically configured to maximize the protection level? Different resource configurations enable various network defense modes. Besides the capital and operational costs of the resources, there are also ‘invasiveness’ costs associated with stresses that network users experience due to protection measures. How should these costs be balanced and how should the network dynamically configure its protection resources to efficiently defend itself? Taking a risk management point of view, we develop a parsimonious flexible model, capturing the above issues in a unified manner. The model enables the formulation of key optimization schemes for dynamically controlling the network defense modes via on-line algorithms. It provides a systematic design framework for ‘self-defending’ networks that can autonomously maintain their integrity in the presence of changing adverse conditions.
Keywords
Communication system control; Computer networks; Computer worms; Costs; Information security; Inspection; Protection; Risk management; Stress; Switches;
fLanguage
English
Publisher
ieee
Conference_Titel
Security and Privacy for Emerging Areas in Communications Networks, 2005. SecureComm 2005. First International Conference on
Print_ISBN
0-7695-2369-2
Type
conf
DOI
10.1109/SECURECOMM.2005.35
Filename
1607603
Link To Document