A Decision-Theoretic Approach to Measuring Security (Author names omitted for initial submittal)

Abstract

The question “is this system secure?” is notoriously difficult to answer. The question implies that there is a system-wide property called “security,” which we can measure with some meaningful threshold of sufficiency. In this concept paper, we discuss the difficulty of measuring security sufficiency, either directly or through a proxy such as the number of known vulnerabilities. We propose that the question can be better addressed by measuring confidence and risk in the decisions that depend on security. A novelty of this approach is that it integrates use of both subjective information (e.g. expert judgment) and empirical data. We investigate how this approach uses well-known methods from the discipline of decision-making under uncertainty to provide a more rigorous and usable measure of security sufficiency.


Similar resources

Game-Theoretic Approach for Pricing Decisions in Dual-Channel Supply Chain

In the current study, a dual-channel supply chain is considered containing one manufacturer and two retailers. It is assumed that the manufacturer and retailers have the same decision powers. A game-theoretic approach is developed to analyze pricing decisions under the centralized and decentralized scenarios. First, the Nash model is established to obtain the equilibrium decisions in the decent...


Measuring IDS-estimated attack impacts for rational incident response: A decision theoretic approach

Intrusion detection system (IDS) plays a vital role in defending our cyberspace against attacks. Either misuse-based IDS or anomaly-based IDS, or their combinations, however, can only partially reflect the true system state due to excessive false alerts, low detection rate, and inaccurate incident diagnosis. An automated response component built upon IDS therefore must consider the stale and im...


A Decision and Game Theoretic Approach to Networked System Security with Applications to Power Grid (Invited Lecture)

There has been a growing interest in decision and game theoretic approaches to networked system security as evidenced by the increasing number of publications and conferences such as the Conference on Decision and Game Theory for Security (GameSec). This presentation aims to give an overview on security games and their applications to network and critical infrastructure security based on the re...


A mixed Bayesian/Frequentist approach in sample size determination problem for clinical trials

In this paper we introduce a stochastic optimization method based on a mixed Bayesian/frequentist approach to a sample size determination problem in a clinical trial. The data are assumed to come from a normal distribution for which both the mean and the variance are unknown. In contrast to the usual Bayesian decision theoretic methodology, which assumes a single decision maker, our method recogni...


Coordinating a decentralized supply chain with a stochastic demand using quantity flexibility contract: a game-theoretic approach

A supply chain includes two or more parties linked by a flow of goods, information, and funds. In a decentralized system, supply chain members make decisions regardless of their decisions' effects on the performance of the other members and the entire supply chain. This is the key issue in supply chain management, that the mechanism should be developed in which different objectives should be align...


Publication date: 2016