Remediation prioritisation using a return on investment approach

PDF

Authors
  1. Dondo, M.
Corporate Authors
Defence Research and Development Canada, Ottawa Research Centre, Ottawa ON (CAN)
Abstract
To effectively manage cyber security remediation activities, it is important for network defenders to have tools or methodologies that can provide quantitative measures to guide their decisionmaking. One such measure, which represents the tradeoff between network security and remediation costs, is the remediation return on investment (ROI). In this work, we present a novel multiattribute decision-making (MADM) approach to provide network defenders with this measure to support their decision-making processes during remediation course of action (COA) selection. We model the ROI measure from the many factors that characterise remediation activities in an operational network. We solve the MADM problem using the Technique for Order of Preference by Similarity to Ideal Solution (TOPSIS) and simple additive weighting (SAW) methodologies utilising different weight techniques. Our model then ranks the COAs by the highest remediation ROI measure. We show that our model provides reliable, self-consistent results and produces promising results when it is used with a combination of subjective operator-provided weights and those derived from the information content of the data.

Il y a un résumé en français ici.

Keywords
Cyber Defence
Report Number
DRDC-RDDC-2018-R286 — Scientific Report
Date of publication
01 Jul 2019
Number of Pages
39
DSTKIM No
CA049768
CANDIS No
810595
Format(s):
Electronic Document(PDF)

Permanent link

Document 1 of 1

Date modified: