Attacker-Defender Investment Strategies in Cybersecurity
Video
Team Information
Team Members
Austin Ebel, Research Assistant, Department of Electrical Engineering, Columbia Engineering
Faculty Advisor: Debasis Mitra, Professor of Electrical Engineering, Columbia University
Abstract
Malicious cyber activity cost the US economy between $57 and $109 billion in 2016, according to the Council of Economic Advisers. Consequently there has been considerable investments and research on cybersecurity, especially in technical defenses (encryption, intrusion detection, etc.). Yet there remains a significant need to better understand how firms should allocate investments. Previous work models how optimal investments in information security can depend on a variety of characteristics about the information itself, such as its inherent vulnerability and value. This research extends the notion of optimal investments to attackers and explores the dynamics and strategies that arise when two parties compete with opposing goals. Further, it generalizes defense strategies to more complicated networks where many vulnerabilities and assets exist. Our goal is to more accurately model how a firm might approach investing optimally in information security on a larger, more realistic scale, and in response to continuous attacks.
Contact this Team
Team Contact: Austin Ebel (use form to send email)