Towards Optimal Sensor Placement for Cybersecurity: An Extensible Model for Defensive Cybersecurity Sensor Placement Evaluation
Neal Wagner, Suresh K. Damodaran, Michael Reavey

TL;DR
This paper introduces a flexible model to evaluate optimal placement of cybersecurity sensors to defend against cyber attacks.
Contribution
An extensible mathematical model for evaluating cybersecurity sensor configurations, considering both data sources and analytics.
Findings
The model can evaluate sensor configurations using real cyber attack techniques from MITRE ATT&CK.
The model supports adaptation of OSP techniques from other domains to cybersecurity.
A case study demonstrates the model's effectiveness in defending against multi-step attacks.
Abstract
Optimal sensor placement (OSP) is concerned with determining a configuration for a collection of sensors, including sensor type, number, and location, that yields the best evaluation according to a predefined measure of efficacy. Central to the OSP problem is the need for a method to evaluate candidate sensor configurations. Despite the wide use of cybersecurity sensors for the protection of network systems against cyber attacks, there is limited research focused on OSP for defensive cybersecurity, and limited research on evaluation methods for cybersecurity sensor configurations that consider both the sensor data source locations and the sensor analytics/rules used. This paper seeks to address these gaps by providing an extensible mathematical model for the evaluation of cybersecurity sensor configurations, including sensor data source locations and analytics, meant to defend against…
Taxonomy
Topics: Smart Grid Security and Resilience · Infrastructure Resilience and Vulnerability Analysis · Network Security and Intrusion Detection
