Get 20M+ Full-Text Papers For Less Than $1.50/day. Start a 14-Day Trial for You and Your Team.

Learn More →

A general defender‐attacker risk model for networks

A general defender‐attacker risk model for networks Purpose – The purpose of this paper is to present a competitive defender‐attacker risk model that assumes a dual exponential relationship between defender ( C i ) and attacker ( A i ) resource allocation: v i ( A i , C i )=e − α i c i −e − α i C i − γ i A i . Design/methodology/approach – Network risk is defined in terms of degree sequence, g , node/link damage, d , and probability of failure, v : R =∑ g i v i d i . The paper finds the optimal allocation of resources ( A i , C i ) that minimizes R from the defender's point of view, and maximizes R from the attacker's point of view. Findings – The effectiveness of the optimal min‐max strategy is compared with three allocation strategies: random, non‐network, and network. It is shown that total network risk is minimized by the non‐network strategy, because this strategy considers damage values and ignores network topology in the definition of risk. Originality/value – The method is illustrated by applying it to critical infrastructure – a hypothetical water‐and‐power network. http://www.deepdyve.com/assets/images/DeepDyve-Logo-lg.png The Journal of Risk Finance Emerald Publishing

A general defender‐attacker risk model for networks

The Journal of Risk Finance , Volume 9 (3): 18 – May 23, 2008

Loading next page...
 
/lp/emerald-publishing/a-general-defender-attacker-risk-model-for-networks-zPDz7S5G5l
Publisher
Emerald Publishing
Copyright
Copyright © 2008 Emerald Group Publishing Limited. All rights reserved.
ISSN
1526-5943
DOI
10.1108/15265940810875577
Publisher site
See Article on Publisher Site

Abstract

Purpose – The purpose of this paper is to present a competitive defender‐attacker risk model that assumes a dual exponential relationship between defender ( C i ) and attacker ( A i ) resource allocation: v i ( A i , C i )=e − α i c i −e − α i C i − γ i A i . Design/methodology/approach – Network risk is defined in terms of degree sequence, g , node/link damage, d , and probability of failure, v : R =∑ g i v i d i . The paper finds the optimal allocation of resources ( A i , C i ) that minimizes R from the defender's point of view, and maximizes R from the attacker's point of view. Findings – The effectiveness of the optimal min‐max strategy is compared with three allocation strategies: random, non‐network, and network. It is shown that total network risk is minimized by the non‐network strategy, because this strategy considers damage values and ignores network topology in the definition of risk. Originality/value – The method is illustrated by applying it to critical infrastructure – a hypothetical water‐and‐power network.

Journal

The Journal of Risk FinanceEmerald Publishing

Published: May 23, 2008

Keywords: Risk analysis; Risk management; Resource allocation

References