Scribble at 2019-09-25 22:19:33 Last modified: 2022-09-29 14:01:37

We present a framework to efficiently solve a multi-objective optimisation problem for cyber-security defence. Facing an attacker who can mount a multi-stage attack (modelled using attack graphs), the defence problem is to select a portfolio of security controls which minimises the security risk and the (direct and indirect) costs of the portfolio of controls. The main challenges for the optimisation are: (a) the effect of the security controls is in general probabilistic, for example, the effect of staff anti-phishing training; moreover, some controls like taking regular back-ups do not have an attack-preventing effect, but rather, mitigate the losses of a successful attack; (b) each control may affect multiple vulnerabilities; and each vulnerability may be affected by multiple controls; (c) there can be a prohibitively large number of attack paths, each involving exploitation of different vulnerabilities. Our mathematical framework deals with all these problems. In particular, we model the problem as a min-max multi-objective optimisation. Using techniques such as ILP conversion, exact LP relaxation and dualisation, we convert the problem into a very efficient MILP. For instance, it returns the optimal solution for attack graphs with 20,000 nodes in less than four minutes typically.