The structure and topology of rooted weighted trees modeling layered cyber-security systems

TL;DR

This paper models layered cyber-security systems using rooted weighted trees, analyzing optimal configurations and their properties, and establishing a duality between different model types to inform security organization.

Contribution

It introduces a formal tree-based framework for layered security, characterizes tree structures that admit optimal security systems, and explores duality between penetration costs and prizes.

Findings

Optimal security systems exist for certain tree types

Tree structure determines the possibility of optimal security configurations

Duality between P- and C-models enables result translation

Abstract

In this paper we consider a layered-security model in which the containers and their nestings are given in the form of a rooted tree $T$. A {\em cyber-security model\/} is an ordered three-tuple $M = (T, C, P)$ where $C$ and $P$ are multisets of {\em penetration costs\/} for the containers and {\em target-acquisition values\/} for the prizes that are located within the containers, respectively, both of the same cardinality as the set of the non-root vertices of $T$. The problem that we study is to assign the penetration costs to the edges and the target-acquisition values to the vertices of the tree $T$ in such a way that minimizes the total prize that an attacker can acquire given a limited {\em budget}. For a given assignment of costs and target values we obtain a {\em security system}, and we discuss three types of them: {\em improved}, {\em good}, and {\em optimal}. We show that in general it is not possible to develop an optimal security system for a given cyber-security model $M$. We define P- and C-models where the penetration costs and prizes, respectively, all have unit value. We show that if $T$ is a rooted tree such that any P- or C-model $M = (T,C,P)$ has an optimal security system, then $T$ is one of the following types: (i) a rooted path, (ii) a rooted star, (iii) a rooted 3-caterpillar, or (iv) a rooted 4-spider. Conversely, if $T$ is one of these four types of trees, then we show that any P- or C-model $M = (T,C,P)$ does have an optimal security system\@. Finally, we study a duality between P- and C-models that allows us to translate results for P-models into corresponding results for C-models and vice versa. The results obtained give us some mathematical insights into how layered-security defenses should be organized.