Redundancy planning for cost efficient resilience to cyber attacks
Description | Size | Format |
---|---|---|
Accepted version | 1.18 MB | Adobe PDF |
Supporting information | 1.02 MB | Adobe PDF |
Title: | Redundancy planning for cost efficient resilience to cyber attacks |
Authors: | Soikkeli, J; Casale, G; Munoz Gonzalez, L; Lupu, EC |
Item Type: | Journal Article |
Abstract: | We investigate the extent to which redundancy (including with diversity) can help mitigate the impact of cyber attacks that aim to reduce system performance. Using analytical techniques, we estimate impacts, in terms of monetary costs, of penalties from breaching Service Level Agreements (SLAs), and find optimal resource allocations to minimize the overall costs arising from attacks. Our approach combines attack impact analysis, based on performance modeling using queueing networks, with an attack model based on attack graphs. We evaluate our approach using a case study of a website, and show how resource redundancy and diversity can improve the resilience of a system by reducing the likelihood of a fully disruptive attack. We find that the cost-effectiveness of redundancy depends on the SLA terms, the probability of attack detection, the time to recover, and the cost of maintenance. In our case study, redundancy with diversity achieved a saving of up to around 50 percent in expected attack costs relative to no redundancy. The overall benefit over time depends on how the saving during attacks compares to the added maintenance costs due to redundancy. |
Issue Date: | 1-Mar-2023 |
Date of Acceptance: | 8-Feb-2022 |
URI: | http://hdl.handle.net/10044/1/94453 |
DOI: | 10.1109/TDSC.2022.3151462 |
ISSN: | 1545-5971 |
Publisher: | Institute of Electrical and Electronics Engineers |
Start Page: | 1154 |
End Page: | 1168 |
Journal / Book Title: | IEEE Transactions on Dependable and Secure Computing |
Volume: | 20 |
Issue: | 2 |
Copyright Statement: | © 2022 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. |
Publication Status: | Published |
Online Publication Date: | 2022-02-14 |
Appears in Collections: | Computing; Faculty of Engineering |