Optimal Cybersecurity Investments Using SIS Model: Weakly Connected Networks

TL;DR

This paper addresses optimal cybersecurity investments in large, weakly connected networks using an SIS model, proposing a perturbation approach to overcome the limitations of existing methods for non-strongly connected graphs.

Contribution

It introduces a novel perturbation method to compute optimal security investments in weakly connected networks, extending existing models beyond strongly connected assumptions.

Findings

Perturbation approach enables solution in weakly connected networks

Continuity results facilitate adaptation of existing algorithms

Effective minimization of security costs demonstrated

Abstract

We study the problem of minimizing the (time) average security costs in large systems comprising many interdependent subsystems, where the state evolution is captured by a susceptible-infected-susceptible (SIS) model. The security costs reflect security investments, economic losses and recovery costs from infections and failures following successful attacks. However, unlike in existing studies, we assume that the underlying dependence graph is only weakly connected, but not strongly connected. When the dependence graph is not strongly connected, existing approaches to computing optimal security investments cannot be applied. Instead, we show that it is still possible to find a good solution by perturbing the problem and establishing necessary continuity results that then allow us to leverage the existing algorithms.