Adversarial Risk Analysis to Allocate Optimal Defense Resources for Protecting Cyber–Physical Systems from Cyber Attacks
Author
Abstract
Suggested Citation
DOI: 10.1111/risa.13382
Download full text from publisher
References listed on IDEAS
- Ríos Insua, David & Cano, Javier & Pellot, Michael & Ortega, Ricardo, 2016. "Multithreat multisite protection: A security case study," European Journal of Operational Research, Elsevier, vol. 252(3), pages 888-899.
- Daniel Bernoulli, 2011. "Exposition Of A New Theory On The Measurement Of Risk," World Scientific Book Chapters, in: Leonard C MacLean & Edward O Thorp & William T Ziemba (ed.), THE KELLY CAPITAL GROWTH INVESTMENT CRITERION THEORY and PRACTICE, chapter 2, pages 11-24, World Scientific Publishing Co. Pte. Ltd..
- Grechuk, Bogdan & Zabarankin, Michael, 2016. "Inverse portfolio problem with coherent risk measures," European Journal of Operational Research, Elsevier, vol. 249(2), pages 740-750.
- R. Piccinelli & G. Sansavini & R. Lucchetti & E. Zio, 2017. "A General Framework for the Assessment of Power System Vulnerability to Malicious Attacks," Risk Analysis, John Wiley & Sons, vol. 37(11), pages 2182-2190, November.
- Vicki Bier & Santiago Oliveros & Larry Samuelson, 2007.
"Choosing What to Protect: Strategic Defensive Allocation against an Unknown Attacker,"
Journal of Public Economic Theory, Association for Public Economic Theory, vol. 9(4), pages 563-587, August.
- Vicki Bier & Santiago Oliveros & Larry Samuelson, 2006. "Choosing What to Protect: Strategic Defensive Allocation against an Unknown Attacker," Levine's Bibliography 321307000000000158, UCLA Department of Economics.
- Vicki M. Bier & Naraphorn Haphuriwat & Jaime Menoyo & Rae Zimmerman & Alison M. Culpen, 2008. "Optimal Resource Allocation for Defense of Targets Based on Differing Measures of Attractiveness," Risk Analysis, John Wiley & Sons, vol. 28(3), pages 763-770, June.
- Levitin, G. & Gertsbakh, I. & Shpungin, Y., 2011. "Evaluating the damage associated with intentional network disintegration," Reliability Engineering and System Safety, Elsevier, vol. 96(4), pages 433-439.
- Casey Rothschild & Laura McLay & Seth Guikema, 2012. "Adversarial Risk Analysis with Incomplete Information: A Level‐k Approach," Risk Analysis, John Wiley & Sons, vol. 32(7), pages 1219-1231, July.
- Zare Moayedi, Behzad & Azgomi, Mohammad Abdollahi, 2012. "A game theoretic framework for evaluation of the impacts of hackers diversity on security measures," Reliability Engineering and System Safety, Elsevier, vol. 99(C), pages 45-54.
- Levitin, Gregory & Hausken, Kjell, 2009. "Intelligence and impact contests in systems with redundancy, false targets, and partial protection," Reliability Engineering and System Safety, Elsevier, vol. 94(12), pages 1927-1941.
- Viscusi, W Kip & Aldy, Joseph E, 2003.
"The Value of a Statistical Life: A Critical Review of Market Estimates throughout the World,"
Journal of Risk and Uncertainty, Springer, vol. 27(1), pages 5-76, August.
- W. Kip Viscusi & Joseph E. Aldy, 2003. "The Value of a Statistical Life: A Critical Review of Market Estimates throughout the World," NBER Working Papers 9487, National Bureau of Economic Research, Inc.
- Jun Zhuang & Vicki M. Bier, 2007. "Balancing Terrorism and Natural Disasters---Defensive Strategy with Endogenous Attacker Effort," Operations Research, INFORMS, vol. 55(5), pages 976-991, October.
- Flage, Roger & Aven, Terje & Berner, Christine L., 2018. "A comparison between a probability bounds analysis and a subjective probability approach to express epistemic uncertainties in a risk assessment context – A simple illustrative example," Reliability Engineering and System Safety, Elsevier, vol. 169(C), pages 1-10.
- Javier Cano & Alessandro Pollini & Lorenzo Falciani & Uğur Turhan, 2016. "Modeling current and emerging threats in the airport domain through adversarial risk analysis," Journal of Risk Research, Taylor & Francis Journals, vol. 19(7), pages 894-912, August.
- J. S. Busby & B. Green & D. Hutchison, 2017. "Analysis of Affordance, Time, and Adaptation in the Assessment of Industrial Control System Cybersecurity Risk," Risk Analysis, John Wiley & Sons, vol. 37(7), pages 1298-1314, July.
- John C. Hershey & Paul J. H. Schoemaker, 1985. "Probability Versus Certainty Equivalence Methods in Utility Measurement: Are they Equivalent?," Management Science, INFORMS, vol. 31(10), pages 1213-1231, October.
- Fang, Yiping & Sansavini, Giovanni, 2017. "Optimizing power system investments and resilience against attacks," Reliability Engineering and System Safety, Elsevier, vol. 159(C), pages 161-173.
- Jesus Rios & David Rios Insua, 2012. "Adversarial Risk Analysis for Counterterrorism Modeling," Risk Analysis, John Wiley & Sons, vol. 32(5), pages 894-915, May.
- Aven, Terje & Zio, Enrico, 2011. "Some considerations on the treatment of uncertainties in risk assessment for practical decision making," Reliability Engineering and System Safety, Elsevier, vol. 96(1), pages 64-74.
- Aven, Terje, 2009. "Identification of safety and security critical systems and activities," Reliability Engineering and System Safety, Elsevier, vol. 94(2), pages 404-411.
- W. Viscusi, 2009. "Valuing risks of death from terrorism and natural disasters," Journal of Risk and Uncertainty, Springer, vol. 38(3), pages 191-213, June.
- Kreps, David M., 1990. "Game Theory and Economic Modelling," OUP Catalogue, Oxford University Press, number 9780198283812.
- Wang, Wei & Cammi, Antonio & Di Maio, Francesco & Lorenzi, Stefano & Zio, Enrico, 2018. "A Monte Carlo-based exploration framework for identifying components vulnerable to cyber threats in nuclear power plants," Reliability Engineering and System Safety, Elsevier, vol. 175(C), pages 24-37.
- Zio, E., 2018. "The future of risk assessment," Reliability Engineering and System Safety, Elsevier, vol. 177(C), pages 176-190.
- Terje Aven & Louis Anthony Cox, 2016. "National and Global Risk Studies: How Can the Field of Risk Analysis Contribute?," Risk Analysis, John Wiley & Sons, vol. 36(2), pages 186-190, February.
- Jun Zhuang & Vicki Bier, 2011. "Secrecy And Deception At Equilibrium, With Applications To Anti-Terrorism Resource Allocation," Defence and Peace Economics, Taylor & Francis Journals, vol. 22(1), pages 43-61.
- Hu, Xiaoxiao & Xu, Maochao & Xu, Shouhuai & Zhao, Peng, 2017. "Multiple cyber attacks against a target with observation errors and dependent outcomes: Characterization and optimization," Reliability Engineering and System Safety, Elsevier, vol. 159(C), pages 119-133.
- Ramirez-Marquez, Jose E. & Rocco, Claudio M. & Levitin, Gregory, 2011. "Optimal network protection against diverse interdictor strategies," Reliability Engineering and System Safety, Elsevier, vol. 96(3), pages 374-382.
- Javier Cano & David Ríos Insua & Alessandra Tedeschi & Ug̃ur Turhan, 2016. "Security economics: an adversarial risk analysis approach to airport protection," Annals of Operations Research, Springer, vol. 245(1), pages 359-378, October.
- John C. Harsanyi, 1967. "Games with Incomplete Information Played by "Bayesian" Players, I-III Part I. The Basic Model," Management Science, INFORMS, vol. 14(3), pages 159-182, November.
- Martin J. Osborne & Ariel Rubinstein, 1994.
"A Course in Game Theory,"
MIT Press Books,
The MIT Press,
edition 1, volume 1, number 0262650401, December.
- Martin J Osborne & Ariel Rubinstein, 2009. "A Course in Game Theory," Levine's Bibliography 814577000000000225, UCLA Department of Economics.
- Aven, Terje & Krohn, Bodil S., 2014. "A new perspective on how to understand, assess and manage risk and the unforeseen," Reliability Engineering and System Safety, Elsevier, vol. 121(C), pages 1-10.
- repec:reg:rpubli:282 is not listed on IDEAS
- Jun Zhuang & Vicki M. Bier, 2010. "Reasons for Secrecy and Deception in Homeland‐Security Resource Allocation," Risk Analysis, John Wiley & Sons, vol. 30(12), pages 1737-1743, December.
- G Levitin & K Hausken, 2010. "Defence and attack of systems with variable attacker system structure detection probability," Journal of the Operational Research Society, Palgrave Macmillan;The OR Society, vol. 61(1), pages 124-133, January.
- Levitin, Gregory & Hausken, Kjell, 2009. "Parallel systems under two sequential attacks," Reliability Engineering and System Safety, Elsevier, vol. 94(3), pages 763-772.
- Zio, Enrico, 2016. "Challenges in the vulnerability and risk analysis of critical infrastructures," Reliability Engineering and System Safety, Elsevier, vol. 152(C), pages 137-150.
- Peng, R. & Levitin, G. & Xie, M. & Ng, S.H., 2010. "Defending simple series and parallel systems with imperfect false targets," Reliability Engineering and System Safety, Elsevier, vol. 95(6), pages 679-688.
- Insua, Insua Rios & Rios, Jesus & Banks, David, 2009. "Adversarial Risk Analysis," Journal of the American Statistical Association, American Statistical Association, vol. 104(486), pages 841-854.
- G. Quijano, Eduardo & RÃos Insua, David & Cano, Javier, 2018. "Critical networked infrastructure protection from adversaries," Reliability Engineering and System Safety, Elsevier, vol. 179(C), pages 27-36.
- Kjell Hausken, 2014. "Choosing what to protect when attacker resources and asset valuations are uncertain," Operations Research and Decisions, Wroclaw University of Science and Technology, Faculty of Management, vol. 24(3), pages 23-44.
- Hausken, Kjell & Levitin, Gregory, 2009. "Minmax defense strategy for complex multi-state systems," Reliability Engineering and System Safety, Elsevier, vol. 94(2), pages 577-587.
- Kriaa, Siwar & Pietre-Cambacedes, Ludovic & Bouissou, Marc & Halgand, Yoran, 2015. "A survey of approaches combining safety and security for industrial control systems," Reliability Engineering and System Safety, Elsevier, vol. 139(C), pages 156-178.
Citations
Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
Cited by:
- Tang, Daogui & Fang, Yi-Ping & Zio, Enrico, 2023. "Vulnerability analysis of demand-response with renewable energy integration in smart grids to cyber attacks and online detection methods," Reliability Engineering and System Safety, Elsevier, vol. 235(C).
- Eric DuBois & Ashley Peper & Laura A. Albert, 2023. "Interdicting Attack Plans with Boundedly Rational Players and Multiple Attackers: An Adversarial Risk Analysis Approach," Decision Analysis, INFORMS, vol. 20(3), pages 202-219, September.
- Zhaojun Hao & Francesco Di Maio & Enrico Zio, 2021. "Multi-State Reliability Assessment Model of Base-Load Cyber-Physical Energy Systems (CPES) during Flexible Operation Considering the Aging of Cyber Components," Energies, MDPI, vol. 14(11), pages 1-18, June.
Most related items
These are the items that most often cite the same works as this one and are cited by the same works as this one.- Hunt, Kyle & Zhuang, Jun, 2024. "A review of attacker-defender games: Current state and paths forward," European Journal of Operational Research, Elsevier, vol. 313(2), pages 401-417.
- Zio, E., 2018. "The future of risk assessment," Reliability Engineering and System Safety, Elsevier, vol. 177(C), pages 176-190.
- Qingqing Zhai & Rui Peng & Jun Zhuang, 2020. "Defender–Attacker Games with Asymmetric Player Utilities," Risk Analysis, John Wiley & Sons, vol. 40(2), pages 408-420, February.
- Vineet M. Payyappalli & Jun Zhuang & Victor Richmond R. Jose, 2017. "Deterrence and Risk Preferences in Sequential Attacker–Defender Games with Continuous Efforts," Risk Analysis, John Wiley & Sons, vol. 37(11), pages 2229-2245, November.
- Mohammad E. Nikoofal & Mehmet Gümüs, 2015. "On the value of terrorist’s private information in a government’s defensive resource allocation problem," IISE Transactions, Taylor & Francis Journals, vol. 47(6), pages 533-555, June.
- Hunt, Kyle & Agarwal, Puneet & Zhuang, Jun, 2021. "Technology adoption for airport security: Modeling public disclosure and secrecy in an attacker-defender game," Reliability Engineering and System Safety, Elsevier, vol. 207(C).
- Mohammad E. Nikoofal & Jun Zhuang, 2012. "Robust Allocation of a Defensive Budget Considering an Attacker's Private Information," Risk Analysis, John Wiley & Sons, vol. 32(5), pages 930-943, May.
- Roponen, Juho & Ríos Insua, David & Salo, Ahti, 2020. "Adversarial risk analysis under partial information," European Journal of Operational Research, Elsevier, vol. 287(1), pages 306-316.
- Kjell Hausken & Jonathan W. Welburn & Jun Zhuang, 2024. "A Review of Attacker–Defender Games and Cyber Security," Games, MDPI, vol. 15(4), pages 1-27, August.
- Wang, Wei & Di Maio, Francesco & Zio, Enrico, 2020. "Considering the human operator cognitive process for the interpretation of diagnostic outcomes related to component failures and cyber security attacks," Reliability Engineering and System Safety, Elsevier, vol. 202(C).
- Wang, Wei & Cammi, Antonio & Di Maio, Francesco & Lorenzi, Stefano & Zio, Enrico, 2018. "A Monte Carlo-based exploration framework for identifying components vulnerable to cyber threats in nuclear power plants," Reliability Engineering and System Safety, Elsevier, vol. 175(C), pages 24-37.
- Peiqiu Guan & Jun Zhuang, 2016. "Modeling Resources Allocation in Attacker‐Defender Games with “Warm Up” CSF," Risk Analysis, John Wiley & Sons, vol. 36(4), pages 776-791, April.
- Schlicher, Loe & Lurkin, Virginie, 2024. "Fighting pickpocketing using a choice-based resource allocation model," European Journal of Operational Research, Elsevier, vol. 315(2), pages 580-595.
- Dan Kovenock & Brian Roberson, 2012.
"Strategic Defense And Attack For Series And Parallel Reliability Systems: Comment,"
Defence and Peace Economics, Taylor & Francis Journals, vol. 23(5), pages 507-515, October.
- Dan Kovenock & Brian Roberson, 2010. "Strategic Defense and Attack for Series and Parallel Reliability Systems: Comment," Purdue University Economics Working Papers 1253, Purdue University, Department of Economics.
- González-Ortega, Jorge & Ríos Insua, David & Cano, Javier, 2019. "Adversarial risk analysis for bi-agent influence diagrams: An algorithmic approach," European Journal of Operational Research, Elsevier, vol. 273(3), pages 1085-1096.
- Bier, Vicki M. & Hausken, Kjell, 2013. "Defending and attacking a network of two arcs subject to traffic congestion," Reliability Engineering and System Safety, Elsevier, vol. 112(C), pages 214-224.
- Abdolmajid Yolmeh & Melike Baykal-Gürsoy, 2019. "Two-Stage Invest–Defend Game: Balancing Strategic and Operational Decisions," Decision Analysis, INFORMS, vol. 16(1), pages 46-66, March.
- Nikoofal, Mohammad E. & Zhuang, Jun, 2015. "On the value of exposure and secrecy of defense system: First-mover advantage vs. robustness," European Journal of Operational Research, Elsevier, vol. 246(1), pages 320-330.
- Szidarovszky, Ferenc & Luo, Yi, 2014. "Incorporating risk seeking attitude into defense strategy," Reliability Engineering and System Safety, Elsevier, vol. 123(C), pages 104-109.
- Ben Yaghlane, Asma & Azaiez, M. Naceur, 2017. "Systems under attack-survivability rather than reliability: Concept, results, and applications," European Journal of Operational Research, Elsevier, vol. 258(3), pages 1156-1164.
Corrections
All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:wly:riskan:v:39:y:2019:i:12:p:2766-2785. See general information about how to correct material in RePEc.
If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.
If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .
If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Wiley Content Delivery (email available below). General contact details of provider: https://doi.org/10.1111/(ISSN)1539-6924 .
Please note that corrections may take a couple of weeks to filter through the various RePEc services.