• DocumentCode
    3427918
  • Title

    Short Paper: Dynamic Risk Mitigation for ´Self-defending´ Network Security

  • Author

    Bambos, Nicholas

  • Author_Institution
    Stanford University
  • fYear
    2005
  • fDate
    05-09 Sept. 2005
  • Firstpage
    421
  • Lastpage
    424
  • Abstract
    We introduce1 a novel probabilistic modeling2 framework, which captures key performance tradeoffs arising in information network security. Given a set of resources available to protect and defend a network, how should those be dynamically configured to maximize the protection level? Different resource configurations enable various network defense modes. Besides the capital and operational costs of the resources, there are also ‘invasiveness’ costs associated with stresses that network users experience due to protection measures. How should these costs be balanced and how should the network dynamically configure its protection resources to efficiently defend itself? Taking a risk management point of view, we develop a parsimonious flexible model, capturing the above issues in a unified manner. The model enables the formulation of key optimization schemes for dynamically controlling the network defense modes via on-line algorithms. It provides a systematic design framework for ‘self-defending’ networks that can autonomously maintain their integrity in the presence of changing adverse conditions.
  • Keywords
    Communication system control; Computer networks; Computer worms; Costs; Information security; Inspection; Protection; Risk management; Stress; Switches;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Security and Privacy for Emerging Areas in Communications Networks, 2005. SecureComm 2005. First International Conference on
  • Print_ISBN
    0-7695-2369-2
  • Type

    conf

  • DOI
    10.1109/SECURECOMM.2005.35
  • Filename
    1607603