Affiliation:
1. Operations Research Department Naval Postgraduate School Monterey California USA
Abstract
AbstractA common network security approach is to create a De‐Militarized Zone (DMZ) comprising two layers of network defense. The DMZ structure provides an extra layer of security between the sensitive information in a network (e.g., research and development files) and the component of the network that must interface with the general internet (e.g., the mail server). We consider a cyber‐attack on a DMZ network where both attacker and defender have limited resources and capabilities to attack and defend, respectively. We study two optimization problems and one game‐theoretic problem. Given that the attacker (defender) knows the potential capabilities of the defender (attacker) in the two layers, we obtain the optimal allocation of resources for the attacker (defender). The two‐optimization problems are not symmetrical. Absent any knowledge regarding the allocation of the adversary's resources, we solve a game‐theoretic problem and obtain some operational insights regarding the effect of combat (e.g., cyber) capabilities and their optimal allocation.
Subject
Management Science and Operations Research,Ocean Engineering,Modeling and Simulation
Cited by
2 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献