
Redundancy planning for cost efficient resilience to cyber attacks

Files:
File: Redundancy_planning_ACCEPTED_MAIN.pdf; Description: Accepted version; Size: 1.18 MB; Format: Adobe PDF
File: Redundancy_planning_ACCEPTED_SUPPLEMENT.pdf; Description: Supporting information; Size: 1.02 MB; Format: Adobe PDF
Title: Redundancy planning for cost efficient resilience to cyber attacks
Authors: Soikkeli, J
Casale, G
Munoz Gonzalez, L
Lupu, EC
Item Type: Journal Article
Abstract: We investigate the extent to which redundancy (including with diversity) can help mitigate the impact of cyber attacks that aim to reduce system performance. Using analytical techniques, we estimate impacts, in terms of monetary costs, of penalties from breaching Service Level Agreements (SLAs), and find optimal resource allocations to minimize the overall costs arising from attacks. Our approach combines attack impact analysis, based on performance modeling using queueing networks, with an attack model based on attack graphs. We evaluate our approach using a case study of a website, and show how resource redundancy and diversity can improve the resilience of a system by reducing the likelihood of a fully disruptive attack. We find that the cost-effectiveness of redundancy depends on the SLA terms, the probability of attack detection, the time to recover, and the cost of maintenance. In our case study, redundancy with diversity achieved a saving of up to around 50 percent in expected attack costs relative to no redundancy. The overall benefit over time depends on how the saving during attacks compares to the added maintenance costs due to redundancy.
Issue Date: 1-Mar-2023
Date of Acceptance: 8-Feb-2022
URI: http://hdl.handle.net/10044/1/94453
DOI: 10.1109/TDSC.2022.3151462
ISSN: 1545-5971
Publisher: Institute of Electrical and Electronics Engineers
Start Page: 1154
End Page: 1168
Journal / Book Title: IEEE Transactions on Dependable and Secure Computing
Volume: 20
Issue: 2
Copyright Statement: © 2022 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Publication Status: Published
Online Publication Date: 2022-02-14
Appears in Collections: Computing
Faculty of Engineering