To read the full version of this content please select one of the options below:

A general defender‐attacker risk model for networks

W.I. Al Mannai (Naval Postgraduate School, Modeling, Virtual Environments, and Simulation Institute, Monterey, California, USA)
T.G. Lewis (Naval Postgraduate School, Center for Homeland Defense and Security, Monterey, California, USA)

Journal of Risk Finance

ISSN: 1526-5943

Article publication date: 23 May 2008

Abstract

Purpose

The purpose of this paper is to present a competitive defender‐attacker risk model that assumes a dual exponential relationship between defender (Ci) and attacker (Ai) resource allocation: vi(Ai,Ci)=eαici−eαiCiγiAi.

Design/methodology/approach

Network risk is defined in terms of degree sequence, g, node/link damage, d, and probability of failure, v: R=∑gividi. The paper finds the optimal allocation of resources (Ai, Ci) that minimizes R from the defender's point of view, and maximizes R from the attacker's point of view.

Findings

The effectiveness of the optimal min‐max strategy is compared with three allocation strategies: random, non‐network, and network. It is shown that total network risk is minimized by the non‐network strategy, because this strategy considers damage values and ignores network topology in the definition of risk.

Originality/value

The method is illustrated by applying it to critical infrastructure – a hypothetical water‐and‐power network.

Keywords

Citation

Al Mannai, W.I. and Lewis, T.G. (2008), "A general defender‐attacker risk model for networks", Journal of Risk Finance, Vol. 9 No. 3, pp. 244-261. https://doi.org/10.1108/15265940810875577

Publisher

:

Emerald Group Publishing Limited

Copyright © 2008, Emerald Group Publishing Limited