IDEAS home Printed from https://ideas.repec.org/a/eee/ejores/v252y2016i3p888-899.html
   My bibliography  Save this article

Multithreat multisite protection: A security case study

Author

Listed:
  • Ríos Insua, David
  • Cano, Javier
  • Pellot, Michael
  • Ortega, Ricardo

Abstract

We provide a novel adversarial risk analysis approach to security resource allocation decision processes for an organization which faces multiple threats over multiple sites. We deploy a Sequential Defend-Attack model for each type of threat and site, under the assumption that different attackers are uncoordinated, although cascading effects are contemplated. The models are related by resource constraints and results are aggregated over the sites for each participant and, for the Defender, by value aggregation across threats. We illustrate the model with a case study in which we support a railway operator in allocating resources to protect from two threats: fare evasion and pickpocketing. Results suggest considerable expected savings due to the proposed investments.

Suggested Citation

  • Ríos Insua, David & Cano, Javier & Pellot, Michael & Ortega, Ricardo, 2016. "Multithreat multisite protection: A security case study," European Journal of Operational Research, Elsevier, vol. 252(3), pages 888-899.
  • Handle: RePEc:eee:ejores:v:252:y:2016:i:3:p:888-899
    DOI: 10.1016/j.ejor.2016.01.041
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S0377221716000862
    Download Restriction: Full text for ScienceDirect subscribers only

    File URL: https://libkey.io/10.1016/j.ejor.2016.01.041?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Alpern, Steven & Morton, Alec & Papadaki, Katerina, 2011. "Patrolling games," LSE Research Online Documents on Economics 32210, London School of Economics and Political Science, LSE Library.
    2. James S. Dyer & Rakesh K. Sarin, 1979. "Measurable Multiattribute Value Functions," Operations Research, INFORMS, vol. 27(4), pages 810-822, August.
    3. Hausken, Kjell & Bier, Vicki M., 2011. "Defending against multiple different attackers," European Journal of Operational Research, Elsevier, vol. 211(2), pages 370-384, June.
    4. James S. Dyer & Rakesh K. Sarin, 1982. "Relative Risk Aversion," Management Science, INFORMS, vol. 28(8), pages 875-886, August.
    5. Koller, Daphne & Milch, Brian, 2003. "Multi-agent influence diagrams for representing and solving games," Games and Economic Behavior, Elsevier, vol. 45(1), pages 181-221, October.
    6. Vicki Bier & Santiago Oliveros & Larry Samuelson, 2007. "Choosing What to Protect: Strategic Defensive Allocation against an Unknown Attacker," Journal of Public Economic Theory, Association for Public Economic Theory, vol. 9(4), pages 563-587, August.
    7. Peter H. Farquhar, 1984. "State of the Art---Utility Assessment Methods," Management Science, INFORMS, vol. 30(11), pages 1283-1300, November.
    8. Chen Wang & Vicki M. Bier, 2013. "Expert Elicitation of Adversary Preferences Using Ordinal Judgments," Operations Research, INFORMS, vol. 61(2), pages 372-385, April.
    9. Gerald Brown & Matthew Carlyle & Javier Salmerón & Kevin Wood, 2006. "Defending Critical Infrastructure," Interfaces, INFORMS, vol. 36(6), pages 530-544, December.
    10. Jun Zhuang & Vicki M. Bier, 2007. "Balancing Terrorism and Natural Disasters---Defensive Strategy with Endogenous Attacker Effort," Operations Research, INFORMS, vol. 55(5), pages 976-991, October.
    11. Haphuriwat, N. & Bier, V.M., 2011. "Trade-offs between target hardening and overarching protection," European Journal of Operational Research, Elsevier, vol. 213(1), pages 320-328, August.
    12. Bernd Kraan & Tim Bedford, 2005. "Probabilistic Inversion of Expert Judgments in the Quantification of Model Uncertainty," Management Science, INFORMS, vol. 51(6), pages 995-1006, June.
    13. Kjell Hausken, 2014. "Individual versus overarching protection and attack of assets," Central European Journal of Operations Research, Springer;Slovak Society for Operations Research;Hungarian Operational Research Society;Czech Society for Operations Research;Österr. Gesellschaft für Operations Research (ÖGOR);Slovenian Society Informatika - Section for Operational Research;Croatian Operational Research Society, vol. 22(1), pages 89-112, March.
    14. Insua, Insua Rios & Rios, Jesus & Banks, David, 2009. "Adversarial Risk Analysis," Journal of the American Statistical Association, American Statistical Association, vol. 104(486), pages 841-854.
    15. Kjell Hausken, 2014. "Choosing what to protect when attacker resources and asset valuations are uncertain," Operations Research and Decisions, Wroclaw University of Science and Technology, Faculty of Management, vol. 24(3), pages 23-44.
    16. Levitin, Gregory & Hausken, Kjell & Dai, Yuanshun, 2014. "Optimal defense with variable number of overarching and individual protections," Reliability Engineering and System Safety, Elsevier, vol. 123(C), pages 81-90.
    17. Zoroa, N. & Fernández-Sáez, M.J. & Zoroa, P., 2012. "Patrolling a perimeter," European Journal of Operational Research, Elsevier, vol. 222(3), pages 571-582.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Kjell Hausken, 2020. "Governmental combat of migration between competing terrorist organisations," Operations Research and Decisions, Wroclaw University of Science and Technology, Faculty of Management, vol. 30(3), pages 21-46.
    2. Gabriel Kuper & Fabio Massacci & Woohyun Shim & Julian Williams, 2020. "Who Should Pay for Interdependent Risk? Policy Implications for Security Interdependence Among Airports," Risk Analysis, John Wiley & Sons, vol. 40(5), pages 1001-1019, May.
    3. Wei Wang & Francesco Di Maio & Enrico Zio, 2019. "Adversarial Risk Analysis to Allocate Optimal Defense Resources for Protecting Cyber–Physical Systems from Cyber Attacks," Risk Analysis, John Wiley & Sons, vol. 39(12), pages 2766-2785, December.
    4. Lee, Sangjae & Costello, Francis Joseph & Lee, Kun Chang, 2021. "Hierarchical balanced scorecard-based organizational goals and the efficiency of controls processes," Journal of Business Research, Elsevier, vol. 132(C), pages 270-288.
    5. Hausken, Kjell, 2019. "Governmental combat of the dynamics of multiple competing terrorist organizations," Mathematics and Computers in Simulation (MATCOM), Elsevier, vol. 166(C), pages 33-55.
    6. Benedetto Barabino & Cristian Lai & Alessandro Olivo, 2020. "Fare evasion in public transport systems: a review of the literature," Public Transport, Springer, vol. 12(1), pages 27-88, March.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Hunt, Kyle & Zhuang, Jun, 2024. "A review of attacker-defender games: Current state and paths forward," European Journal of Operational Research, Elsevier, vol. 313(2), pages 401-417.
    2. Qingqing Zhai & Rui Peng & Jun Zhuang, 2020. "Defender–Attacker Games with Asymmetric Player Utilities," Risk Analysis, John Wiley & Sons, vol. 40(2), pages 408-420, February.
    3. Javier Cano & David Ríos Insua & Alessandra Tedeschi & Ug̃ur Turhan, 2016. "Security economics: an adversarial risk analysis approach to airport protection," Annals of Operations Research, Springer, vol. 245(1), pages 359-378, October.
    4. González-Ortega, Jorge & Ríos Insua, David & Cano, Javier, 2019. "Adversarial risk analysis for bi-agent influence diagrams: An algorithmic approach," European Journal of Operational Research, Elsevier, vol. 273(3), pages 1085-1096.
    5. Bose, Gautam & Konrad, Kai A., 2020. "Devil take the hindmost: Deflecting attacks to other defenders," Reliability Engineering and System Safety, Elsevier, vol. 204(C).
    6. G. Quijano, Eduardo & Ríos Insua, David & Cano, Javier, 2018. "Critical networked infrastructure protection from adversaries," Reliability Engineering and System Safety, Elsevier, vol. 179(C), pages 27-36.
    7. Hausken, Kjell, 2017. "Special versus general protection and attack of parallel and series components," Reliability Engineering and System Safety, Elsevier, vol. 165(C), pages 239-256.
    8. César Gil & David Rios Insua & Jesus Rios, 2016. "Adversarial Risk Analysis for Urban Security Resource Allocation," Risk Analysis, John Wiley & Sons, vol. 36(4), pages 727-741, April.
    9. David Rios Insua & David Banks & Jesus Rios, 2016. "Modeling Opponents in Adversarial Risk Analysis," Risk Analysis, John Wiley & Sons, vol. 36(4), pages 742-755, April.
    10. Wei Wang & Francesco Di Maio & Enrico Zio, 2019. "Adversarial Risk Analysis to Allocate Optimal Defense Resources for Protecting Cyber–Physical Systems from Cyber Attacks," Risk Analysis, John Wiley & Sons, vol. 39(12), pages 2766-2785, December.
    11. Konrad, Kai A., 2020. "Attacking and defending multiple valuable secrets in a big data world," European Journal of Operational Research, Elsevier, vol. 280(3), pages 1122-1129.
    12. Ye, Zhi-Sheng & Peng, Rui & Wang, Wenbin, 2017. "Defense and attack of performance-sharing common bus systemsAuthor-Name: Zhai, Qingqing," European Journal of Operational Research, Elsevier, vol. 256(3), pages 962-975.
    13. Mohammad E. Nikoofal & Jun Zhuang, 2012. "Robust Allocation of a Defensive Budget Considering an Attacker's Private Information," Risk Analysis, John Wiley & Sons, vol. 32(5), pages 930-943, May.
    14. Kjell Hausken, 2019. "Special versus general protection and attack of two assets," Operations Research and Decisions, Wroclaw University of Science and Technology, Faculty of Management, vol. 29(4), pages 53-93.
    15. Mathews, Timothy & Paul, Jomon A., 2022. "Natural disasters and their impact on cooperation against a common enemy," European Journal of Operational Research, Elsevier, vol. 303(3), pages 1417-1428.
    16. Roponen, Juho & Ríos Insua, David & Salo, Ahti, 2020. "Adversarial risk analysis under partial information," European Journal of Operational Research, Elsevier, vol. 287(1), pages 306-316.
    17. Abdolmajid Yolmeh & Melike Baykal-Gürsoy & Vicki Bier, 2023. "A decomposable resource allocation model with generalized overarching protections," Annals of Operations Research, Springer, vol. 320(1), pages 493-507, January.
    18. Kjell Hausken & Jonathan W. Welburn & Jun Zhuang, 2024. "A Review of Attacker–Defender Games and Cyber Security," Games, MDPI, vol. 15(4), pages 1-27, August.
    19. Nikoofal, Mohammad E. & Zhuang, Jun, 2015. "On the value of exposure and secrecy of defense system: First-mover advantage vs. robustness," European Journal of Operational Research, Elsevier, vol. 246(1), pages 320-330.
    20. Zhang, Jing & Zhuang, Jun, 2019. "Modeling a multi-target attacker-defender game with multiple attack types," Reliability Engineering and System Safety, Elsevier, vol. 185(C), pages 465-475.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:ejores:v:252:y:2016:i:3:p:888-899. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: http://www.elsevier.com/locate/eor .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.