Browse by author "Ertem, Mehmet"
Showing 1 - 2 of 2
Item: Optimal defense strategies against intelligent cyber attacks (İdris Karagöz, 2024)
Ertem, Mehmet; Bier, Vicki M.
We propose a comprehensive game-theoretic model pertaining to the security of computer networks, specifically addressing the interaction between defenders and attackers. The model incorporates attack graphs to outline potential attacker strategies and defender responses. To account for the attacker's capacity to execute multiple attempts, we introduce a probabilistic element, wherein the success or failure at any arc of the attack graph is treated as stochastic. This characterization gives rise to a multi-stage stochastic network-interdiction problem. In this problem formulation, the defender strategically interdicts a set of arcs in anticipation of the likely actions of the attacker, who, in turn, can make multiple attempts to traverse the network. We mathematically articulate this scenario as a stochastic bilevel mixed-integer program with a "min-max" objective. The defender's aim is to minimize the probability of the attacker's success, while the attacker seeks to maximize the probability of successfully traversing the network across multiple attempts. The defender's stochastic bilevel optimization model is solved using the integer L-shaped method. Upon analyzing the defender's perspective, we observe the anticipated trend that the overall success probability of the attacker diminishes with an increasing level of defense. Notably, in the sensitivity analysis involving relatively small attack graphs, we discover that the optimal defense strategy against a myopic attacker often aligns with that against a non-myopic attacker. Furthermore, in instances where deviations exist, the disparity in performance is generally marginal. However, our findings demonstrate a potential divergence in optimal defense strategies when the available attack paths share numerous common arcs.

Item: Risk analysis of cyber networks: a quantitative approach based on attack-defense trees (İdris Karagöz, 2024)
Ertem, Mehmet; Ozcelık, İlker
With the rapid increase in cyber-attacks and potential damage in today's world, ensuring cybersecurity has become of paramount importance for companies and organizations. In this study, an approach based on attack-defense trees has been developed for the quantitative analysis of cyber risks. The proposed methodology utilizes attack-defense trees to measure the risk levels of nodes representing cyber threats and systematically calculate the total risk when specific defense measures are implemented. The developed cyber risk analysis approach has been applied to a common scenario involving phishing attacks, and cyber risk values have been calculated under various defense strategies. For instance, when no defense measures are taken, the cyber risk value is calculated as 0.28392. However, when technical defense measures such as antivirus software, intrusion detection systems (IDS), access control, web content filtering, and spam control are implemented, the risk value significantly decreases by approximately 97.5% to 0.00721. Furthermore, incorporating user training results in a 98% reduction in risk value. Implementing basic defense measures targeting individual users, such as antivirus and spam control, leads to a reduction of around 90% in the risk value. The accuracy and significance of the proposed approach are demonstrated through the results obtained from this sample study. The contributions of the developed approach to determining cybersecurity strategies are detailed in the discussion section.












