Theses and Dissertations

Issuing Body

Mississippi State University

Advisor

Medal, Hugh R.

Committee Member

Bian, Linkan

Committee Member

Halappanavar, Mahantesh

Committee Member

Sepehrifar, Mohammad

Date of Degree

8-10-2018

Document Type

Graduate Thesis - Open Access

Major

Industrial Engineering

Degree Name

Master of Science

College

James Worth Bagley College of Engineering

Department

Department of Industrial and Systems Engineering

Abstract

This research presents a bi-level stochastic network interdiction model on an attack graph to enable a risk-averse resource constrained cyber network defender to optimally deploy security countermeasures to protect against attackers having an uncertain budget. This risk-averse conditional-value-at-risk model minimizes a weighted sum of the expected maximum loss over all scenarios and the expected maximum loss from the most damaging attack scenarios. We develop an exact algorithm to solve our model as well as several acceleration techniques to improve the computational efficiency. Computational experiments demonstrate that the application of all the acceleration techniques reduces the average computation time of the basic algorithm by 71% for 100-node graphs. Using metrics called mean-risk value of stochastic solution and value of risk-aversion, numerical results suggest that our stochastic risk-averse model significantly outperforms deterministic and risk-neutral models when 1) the distribution of attacker budget is heavy-right-tailed and 2) the defender is highly risk-averse.

URI

https://hdl.handle.net/11668/19870

Comments

attack graph||stochastic network interdiction||risk-aversion||conditional-value-at-risk||mixed-integer-programming

Download

Share

COinS