A Markov Model of Non-Mutually Exclusive Cyber Threats and its Applications for Selecting an Optimal Set of Information Security Remedies

In this work, we study a Markov model of cyber threats that act on a computer system. Within the framework of the model the computer system is considered as a system with failures and recoveries by analogy with models of reliability theory. To estimate functionally-temporal properties of the system...

Bibliographic Details
Main Authors: Adil A. Kassenov, Alexey A. Magazev, Valeriya F. Tsyrulnik
Format: Article
Language: English
Published: Yaroslavl State University 2020-03-01
Series: Моделирование и анализ информационных систем
Online Access: https://www.mais-journal.ru/jour/article/view/1292
description In this work, we study a Markov model of cyber threats that act on a computer system. Within the framework of the model, the computer system is considered as a system with failures and recoveries, by analogy with models of reliability theory. To estimate functionally-temporal properties of the system, we introduce a parameter called the lifetime of the system, defined as the number of transitions of the corresponding Markov chain until the first hit to the final state. Since this random variable plays an important role in evaluating the security level of the computer system, we investigate its distribution in detail for the case of mutually exclusive cyber threats; in particular, we derive explicit analytical formulae for the numerical characteristics of its distribution: expected value and dispersion. Then we substantially generalize the Markov model by dropping the assumption that cyber threats acting on the system are mutually exclusive. This modification leads to an extended Markov chain that has (at least qualitatively) the same structure as the original chain. This fact allows us to generalize the above analytical results for the expected value and dispersion of the lifetime to the case of non-mutually exclusive cyber threats. At the end of the work, the Markov model for non-mutually exclusive cyber threats is used to state a problem of finding an optimal configuration of security remedies in a given cyber threat space. It is essential that the formulated optimization problems belong to the class of non-linear discrete (Boolean) programming problems. Finally, we consider an example that illustrates the solution of the problem of selecting the optimal set of security remedies for a computer system.
id doaj-art-08702396e3de4b1bbe902f0f3f64a4fa
institution DOAJ
issn 1818-1015, 2313-5417
doi 10.18255/1818-1015-2020-1-108-123
volume 27, issue 1, pages 108-123
affiliation Omsk State Technical University (Adil A. Kassenov, Alexey A. Magazev, Valeriya F. Tsyrulnik)
topic cyber threat, markov chain, security remedy, optimization