A Complexity-Informed Approach to Optimise Cyber Defences
- URL: http://arxiv.org/abs/2501.15578v1
- Date: Sun, 26 Jan 2025 16:04:13 GMT
- Authors: Lampis Alevizos
- Abstract: This paper introduces a novel complexity-informed approach to cybersecurity management, addressing the challenges found within complex cyber defences. We adapt and extend the complexity theory to cybersecurity and develop a quantitative framework that empowers decision-makers with strategies to de-complexify defences, identify improvement opportunities, and resolve bottlenecks. Our approach also provides a solid foundation for critical cybersecurity decisions, such as tooling investment or divestment, workforce capacity planning, and optimisation of processes and capabilities. Through a case study, we detail and validate a systematic method for assessing and managing the complexity within cybersecurity defences. The complexity-informed approach, based on MITRE ATT&CK, is designed to complement threat-informed defences. Threat-informed methods focus on understanding and countering adversary tactics, while the complexity-informed approach optimises the underlying defence infrastructure, thereby optimising the overall efficiency and effectiveness of cyber defences.
Related papers
- Beyond the Surface: An NLP-based Methodology to Automatically Estimate CVE Relevance for CAPEC Attack Patterns [42.63501759921809]
We propose a methodology leveraging Natural Language Processing (NLP) to associate Common Vulnerabilities and Exposure (CVE) vulnerabilities with Common Attack Pattern Enumeration and Classification (CAPEC) attack patterns.
Experimental evaluations demonstrate superior performance compared to state-of-the-art models.
arXiv Detail & Related papers (2025-01-13T08:39:52Z)
- Towards a Comprehensive Framework for Cyber-Incident Response Decision Support in Smart Grids [0.4077787659104315]
This paper presents a framework based on integrating Attack-Defense Trees and the Multi-Criteria Decision Making method to enhance smart grid cybersecurity.
The proposed model aims to optimize the effectiveness and efficiency of grid cybersecurity efforts while offering insights into future grid management challenges.
arXiv Detail & Related papers (2024-12-09T07:07:10Z)
- SoK: Unifying Cybersecurity and Cybersafety of Multimodal Foundation Models with an Information Theory Approach [58.93030774141753]
Multimodal foundation models (MFMs) represent a significant advancement in artificial intelligence.
This paper conceptualizes cybersafety and cybersecurity in the context of multimodal learning.
We present a comprehensive Systematization of Knowledge (SoK) to unify these concepts in MFMs, identifying key threats.
arXiv Detail & Related papers (2024-11-17T23:06:20Z)
- Integrative Approaches in Cybersecurity and AI [0.0]
We identify key trends, challenges, and future directions that hold the potential to revolutionize the way organizations protect, analyze, and leverage their data.
Our findings highlight the necessity of cross-disciplinary strategies that incorporate AI-driven automation, real-time threat detection, and advanced data analytics to build more resilient and adaptive security architectures.
arXiv Detail & Related papers (2024-08-12T01:37:06Z)
- Threat-Informed Cyber Resilience Index: A Probabilistic Quantitative Approach to Measure Defence Effectiveness Against Cyber Attacks [0.36832029288386137]
This paper introduces the Cyber Resilience Index (CRI), a threat-informed probabilistic approach to quantifying an organisation's defence effectiveness against cyber-attacks (campaigns).
Building upon the Threat-Intelligence Based Security Assessment (TIBSA) methodology, we present a mathematical model that translates complex threat intelligence into an actionable, unified metric similar to a stock market index, that executives can understand and interact with while teams can act upon.
arXiv Detail & Related papers (2024-06-27T17:51:48Z)
- Scalable AI Safety via Doubly-Efficient Debate [37.25328923531058]
The emergence of pre-trained AI systems with powerful capabilities has raised a critical challenge for AI safety.
The original framework was based on the assumption that honest strategy is able to simulate AI systems for an exponential number of steps.
We show how to address these challenges by designing a new set of protocols.
arXiv Detail & Related papers (2023-11-23T17:46:30Z)
- Testing learning-enabled cyber-physical systems with Large-Language Models: A Formal Approach [32.15663640443728]
The integration of machine learning (ML) into cyber-physical systems (CPS) offers significant benefits.
Existing verification and validation techniques are often inadequate for these new paradigms.
We propose a roadmap to transition from foundational probabilistic testing to a more rigorous approach capable of delivering formal assurance.
arXiv Detail & Related papers (2023-11-13T14:56:14Z)
- A Survey of Network Requirements for Enabling Effective Cyber Deception [0.0]
This paper investigates the crucial network requirements essential for the successful implementation of effective cyber deception techniques.
With a focus on diverse network architectures and topologies, we delve into the intricate relationship between network characteristics and the deployment of deception mechanisms.
arXiv Detail & Related papers (2023-09-01T00:38:57Z)
- Towards Automated Classification of Attackers' TTPs by combining NLP with ML Techniques [77.34726150561087]
We evaluate and compare different Natural Language Processing (NLP) and machine learning techniques used for security information extraction in research.
Based on our investigations we propose a data processing pipeline that automatically classifies unstructured text according to attackers' tactics and techniques.
arXiv Detail & Related papers (2022-07-18T09:59:21Z)
- Mind Your Solver! On Adversarial Attack and Defense for Combinatorial Optimization [111.78035414744045]
We take an initiative on developing the mechanisms for adversarial attack and defense towards optimization solvers.
We present a simple yet effective defense strategy to modify the graph structure to increase the robustness of solvers.
arXiv Detail & Related papers (2021-12-28T15:10:15Z)
- Constraints Satisfiability Driven Reinforcement Learning for Autonomous Cyber Defense [7.321728608775741]
We present a new hybrid autonomous agent architecture that aims to optimize and verify defense policies of reinforcement learning (RL)
We use constraints verification (using satisfiability modulo theory (SMT)) to steer the RL decision-making toward safe and effective actions.
Our evaluation of the presented approach in a simulated CPS environment shows that the agent learns the optimal policy fast and defeats diversified attack strategies in 99% of cases.
arXiv Detail & Related papers (2021-04-19T01:08:30Z)
This list is automatically generated from the titles and abstracts of the papers in this site.