Milad Taleby Ahvanooey,Mark Xuefang Zhu,Shiyan Ou,Hassan Dana Mazraeh,Wojciech Mazurczyk,Kim-Kwang Raymond Choo,Chuan Li

DOI: https://doi.org/10.1016/j.cose.2023.103263

IF: 5.105

2023-01-01

Computers & Security

Abstract:Social Media Platforms (SMPs) have changed how we communicate, share, and obtain information. However, this also comes at a cost, as users (willingly) share their Privately Sensitive Data (PSDs), such as pictures, real-time locations, and other personal connections, on SMPs. Recently, privacy concerns have gained much attention from both academia and industry. The current literature lacks the privacy risk assessment model that can lead the management sectors (e.g., industrial, social, and governmental) to cooperate to mitigate the privacy invasion risks of users' PSDs in SMPs. Hence, we propose a novel assessment model (hereafter referred to as AFPr-AM), suggesting alternative strategies for reducing privacy invasion risks of users' PSDs in SMPs based on determinant criteria. First, we explore multiple factors from the literature that affect the privacy invasion risks of users' PSDs. Then, to prioritize the importance of determinant criteria, we seek sixty experts to participate in our survey and rank these factors. Finally, we apply the fuzzy analytical hierarchy process approach for weighting the criteria based on the experts' opinions. Moreover, we employ a cooperative game theory-based multi criteria decision making framework to assess the possibilities of players' interactions (e.g., management sectors), considering the weighted criteria as players' payoffs. Our extensive experiments demonstrate that the AFPr-AM model provides effective strategic alternatives to mitigate the possible invasion risks of users' PSDs in SMPs.(c) 2023 Elsevier Ltd. All rights reserved.

Linlin Yang,Wei Wang,Yanjiao Chen,Qian Zhang

DOI: https://doi.org/10.1016/j.comnet.2014.12.017

IF: 5.493

2015-01-01

Computer Networks

Abstract:With the prosperity of the Internet, many advertisers choose to deliver their advertisements by online targeting, where the ad broker is responsible for matching advertisements with users who are likely to be interested in the underlying products or services. However, this online advertisement targeting system requires user profile information and may fail due to privacy issues. In light of growing privacy concerns, we propose a privacy-aware framework for online advertisement targeting, where users are compensated for their privacy leakage and motivated to click more advertisements. In the framework, an ad broker pays a varying amount of money to users for clicking different advertisements due to distinct privacy leakage. Meanwhile advertisers send advertisements to the ad broker and determine the price per user click they need to pay. We model the interactions among advertisers, the ad broker and users as a three-stage game, where every player aims at maximizing its own utility, and Nash Equilibrium is achieved by backward induction. We further analyze the optimal strategies for advertisers, the ad broker and users. Numerical results have shown that the proposed privacy-aware framework is effective as it enables all advertisers, the ad broker and users to maximize their utilities in case of different levels of user privacy sensitivities. In addition, the proposed framework produces higher profits for advertisers and the ad broker than the traditional “paid to click” system.

Li Kuang,Yujia Zhu,Shuqi Li,Xuejin Yan,Han Yan,Shuiguang Deng

DOI: https://doi.org/10.1155/2018/3486529

IF: 1.968

2018-01-01

Security and Communication Networks

Abstract:With the rapid development of sensor acquisition technology, more and more data are collected, analyzed, and encapsulated into application services. However, most of applications are developed by untrusted third parties. Therefore, it has become an urgent problem to protect users’ privacy in data publication. Since the attacker may identify the user based on the combination of user’s quasi-identifiers and the fewer quasi-identifier fields result in a lower probability of privacy leaks, therefore, in this paper, we aim to investigate an optimal number of quasi-identifier fields under the constraint of trade-offs between service quality and privacy protection. We first propose modelling the service development process as a cooperative game between the data owner and consumers and employing the Stackelberg game model to determine the number of quasi-identifiers that are published to the data development organization. We then propose a way to identify when the new data should be learned, as well, a way to update the parameters involved in the model, so that the new strategy on quasi-identifier fields can be delivered. The experiment first analyses the validity of our proposed model and then compares it with the traditional privacy protection approach, and the experiment shows that the data loss of our model is less than that of the traditional k-anonymity especially when strong privacy protection is applied.

Yu Wu,Li Pan

DOI: https://doi.org/10.1016/j.cose.2020.102157

IF: 5.105

2020-01-01

Computers & Security

Abstract:Online social networks are indispensable platforms where people share personal data from their daily lives. However, social sharing raises many privacy issues. One of the most difficult, the “privacy paradox,” is that social-network users want to meet their social needs by enhancing interactions with their friends and are at the same time concerned about the risk of privacy leakage. This work aims to help social-network users weigh the benefits of social sharing and the costs of privacy leakage. A proposed criterion for privacy-risk measurement can quantify the probability of privacy leakage according to multi-person competitive behaviors. By analyzing the continuous competition between a user and some unwanted knowers, a general-sum stochastic game model related to the privacy paradox is constructed. The Markov decision process (MDP) and a role-mining method are introduced to facilitate the game analysis. The existence of a Nash equilibrium strategy is proved theoretically, and effective personal access-control policies are derived from this strategy as solved by a reinforcement learning algorithm. Experiments evaluate the constructed privacy stochastic game model and the new criterion for privacy-risk measurement. This work helps users develop effective personal policies in all cases to optimize their payoffs in the privacy paradox.

Farida Habib Semantha,Sami Azam,Bharanidharan Shanmugam,Kheng Cher Yeo,Abhijith Reddy Beeravolu

DOI: https://doi.org/10.1109/access.2021.3134873

IF: 3.9

2021-01-01

IEEE Access

Abstract:Privacy has become an increasingly significant apprehension in today’s rapidly changing economy primarily for personal and sensitive user data. The levels of personal data violation are increasing day by day however privacy-preserving frameworks are available. This paper conducted an in-depth analysis of contemporary frameworks to identify the key mechanisms to produce a sophisticated data privacy framework to reduce the rate of data breach particularly for the Patient Record Management System (PRMS). There are several studies available that stated healthcare data privacy, still, complete data protection solution with the application of privacy by design towards patients’ health data by ensuring privacy in each layer of the PRMS are quite limited, which is the focus of this study. PRMS manages personal and sensitive data while delivering healthcare services to the patients and as such, have also the potential to carry significant risks to the privacy of their data. A novel conceptual framework with three distinct and sequential phases is suggested in this research, each of which is defined in a distinct section. The first phase is defined as the planning to identify the key limitations of contemporary frameworks so these can be minimized to ensure privacy in each layer of data processing. The second phase incorporates the key components of data privacy to satisfy the efficiency and effectiveness of the proposed framework. Finally, the third phase is the implementation of the selected requirements of the assessment phase to prevent privacy incursion events in PRMS. The complete framework is anticipated to deliver a sophisticated resistance in contradiction to the continuous data breaches in the patients’ information domain.

computer science, information systems,telecommunications,engineering, electrical & electronic

Renwan Bi,Qianxin Chen,Lei Chen,Jinbo Xiong,Dapeng Wu

DOI: https://doi.org/10.1155/2020/8891889

2020-10-16

Wireless Communications and Mobile Computing

Abstract:It is enormously challenging to achieve a satisfactory balance between quality of service (QoS) and users’ privacy protection along with measuring privacy disclosure in social Internet of Things (IoT). We propose a privacy-preserving personalized service framework (Persian) based on static Bayesian game to provide privacy protection according to users’ individual security requirements in social IoT. Our approach quantifies users’ individual privacy preferences and uses fuzzy uncertainty reasoning to classify users. These classification results facilitate trustworthy cloud service providers (CSPs) in providing users with corresponding levels of services. Furthermore, the CSP makes a strategic choice with the goal of maximizing reputation through playing a decision-making game with potential adversaries. Our approach uses Shannon information entropy to measure the degree of privacy disclosure according to the probability of game mixed strategy equilibrium. Experimental results show that Persian guarantees QoS and effectively protects user privacy despite the existence of adversaries.

computer science, information systems,telecommunications,engineering, electrical & electronic

Yilin Kang,Qiao Zhang,Bingbing Jiang,Youjun Bu

DOI: https://doi.org/10.3390/electronics13101805

IF: 2.9

2024-05-08

Electronics

Abstract:With the development of information technology, tremendous vulnerabilities and backdoors have evolved, causing inevitable and severe security problems in cyberspace. To fix them, the endogenous safety and security (ESS) theory and one of its practices, the Dynamic Heterogeneous Redundant (DHR) architecture, are proposed. In the DHR architecture, as an instance of the multi-heterogeneous system, a decision module is designed to obtain intermediate results from heterogeneous equivalent functional executors. However, privacy-preserving is not paid attention to in the architecture, which may cause privacy breaches without compromising the ESS theory. In this paper, based on differential privacy (DP), a theoretically rigorous privacy tool, we propose a privacy-preserving DHR framework called DP-DHR. Gaussian random noise is injected into each (online) executor output in DP-DHR to guarantee DP, but it also makes the decision module unable to choose the final result because each executor output is potentially correct even if it is compromised by adversaries. To weaken this disadvantage, we propose the advanced decision strategy and the hypersphere clustering algorithm to classify the perturbed intermediate results into two categories, candidates and outliers, where the former is closer to the correct value than the latter. Finally, the DP-DHR is proven to guarantee DP, and the experimental results also show that the utility is not sacrificed for the enhancement of privacy by much (a ratio of 4–7% on average), even in the condition of some executors (less than one-half) being controlled by adversaries.

engineering, electrical & electronic,computer science, information systems,physics, applied

Gaurav Kabra,Anbanandam Ramesh,Vipul Jain,Pervaiz Akhtar

DOI: https://doi.org/10.1108/jeim-10-2021-0456

2023-01-25

Journal of Enterprise Information Management

Abstract:Purpose The humanitarian supply chain (HSC) area is rich with conceptual frameworks with a focus on the importance of information and digital technology (IDT) applications. These frameworks have a limited scope in investigating and prioritizing barriers to IDT adoption in HSCs. The present study thus identifies and prioritizes the barriers to IDT adoption in organizations involved in HSCs. Design/methodology/approach By using a literature review allied with expert discussions and a fuzzy analytic hierarchy process (F-AHP), the study identifies and prioritizes a comprehensive set of barriers that organizations involved in HSCs may consider to improve IDT adoption. Findings The study investigates five main barriers (strategic, organizational, technological, financial and human) interlocked with 25 sub-barriers impacting the level of IDT adoption in organizations involved in HSCs. The findings indicate that strategic barriers (SBs) are of greatest importance, followed by organizational, technological, financial and human barriers. The findings indicate the difference in ranking barriers influencing the adoption of IDTs in HSCs compared to the commercial supply chain. Research limitations/implications Although a three-step method adopted for this study is rigorous in terms of the way this research is conducted, it is essential to report that prioritization is based on the subjective opinions of the experts. Practical implications The findings aim to assist policymakers and practitioners in developing effective strategies to improve IDT adoption in organizations engaged in HSCs. Moreover, the prioritization of barriers provides a systematic way to overcome any barriers to improve HSC performance. Originality/value This study is first of its kind that investigates and prioritizes the barriers to IDT adoption in HSCs.

information science & library science,management

Yang Lu,Shujun Li,Athina Ioannou,Iis Tussyadiah

DOI: https://doi.org/10.48550/arXiv.1909.09942

2019-09-22

Cryptography and Security

Abstract:Although there are privacy-enhancing tools designed to protect users' online privacy, it is surprising to see a lack of user-centric solutions allowing privacy control based on the joint assessment of privacy risks and benefits, due to data disclosure to multiple platforms. In this paper, we propose a conceptual framework to fill the gap: aiming at the user-centric privacy protection, we show the framework can not only assess privacy risks in using online services but also the added values earned from data disclosure. Through following a human-in-the-loop approach, it is expected the framework provides a personalized solution via preference learning, continuous privacy assessment, behavior monitoring and nudging. Finally, we describe a case study towards "leisure travelers" and several future areas to be studied in the ongoing project.

Xiaofeng Zhang,William K. Cheung,Zongwei Luo,Frank Tong

DOI: https://doi.org/10.4018/jal.2010100101

2010-01-01

Abstract:With the adoption of radio frequency identification (RFID) technology, information sharing among participants in a supply chain is greatly facilitated, raising privacy concerns on sharing sensitive information. Balancing the conflicts between the improvement of visibility and the decrease of sensitive information shared is paramount. In this paper, the authors propose a leader-follower game model called LFM to model the strategic game between buyer and supplier. A Stackelberg equilibrium state is then computed as the solution to this game model. The proposed approach exhibits better performance when compared with conventional optimization approaches via derivation in terms of the total information sharing level and the total gain acquired verified by the experiments. In the future, the authors will extend this approach to a more complex situation with more participants in a dynamic environment.

Xiaojin Zhang,Lixin Fan,Siwei Wang,Wenjie Li,Kai Chen,Qiang Yang

DOI: https://doi.org/10.1145/3656049

IF: 5

2024-04-10

ACM Transactions on Intelligent Systems and Technology

Abstract:In federated learning, benign participants aim to optimize a global model collaboratively. However, the risk of privacy leakage cannot be ignored in the presence of semi-honest adversaries. Existing research has focused either on designing protection mechanisms or on inventing attacking mechanisms. While the battle between defenders and attackers seems never-ending, we are concerned with one critical question: is it possible to prevent potential attacks in advance? To address this, we propose the first game-theoretic framework that considers both FL defenders and attackers in terms of their respective payoffs, which include computational costs, FL model utilities, and privacy leakage risks. We name this game the federated learning privacy game (FLPG), in which neither defenders nor attackers are aware of all participants’ payoffs. To handle the incomplete information inherent in this situation, we propose associating the FLPG with an oracle that has two primary responsibilities. First, the oracle provides lower and upper bounds of the payoffs for the players. Second, the oracle acts as a correlation device, privately providing suggested actions to each player. With this novel framework, we analyze the optimal strategies of defenders and attackers. Furthermore, we derive and demonstrate conditions under which the attacker, as a rational decision-maker, should always follow the oracle’s suggestion not to attack .

computer science, information systems, artificial intelligence

Chunhua Gu,Fei Luo,Ya Li,Weichao Ding

DOI: https://doi.org/10.1109/compcomm.2018.8780863

2018-01-01

Abstract:The characteristic of the cloud computing, resources sharing, determines that user behavior trustworthiness is crucial to the security of cloud resources. However, the traditional access control model (Role Based Access Control, RBAC) is only based on user identity trust and does not consider whether the user behavior is trusted or not, and the authorization mechanism is static, lacking of flexibility. Moreover, the lack of monitoring of user behavior makes it unable to timely detect and prevent the illegal operation of users. In view of the above several problems, this paper improves the traditional RBAC model, introduces the concepts of user trust evaluation and security level to the RBAC, uses the fuzzy analytic hierarchy process (FAHP) to calculate the user trust value, supervise and control the process when the user executes permissions, so as to achieve the purpose of dynamic access control based on user identity trust and behavior trust. The results of validation analysis of the improved model show that the improved RBAC model overcomes the shortcomings of the traditional RBAC model and can better protect the security of cloud resources, with small control granularity and good flexibility.

Denys A. Flores,Ricardo Perugachi

DOI: https://doi.org/10.48550/arXiv.2306.04783

2023-06-08

Abstract:Computer systems process, store and transfer sensitive information which makes them a valuable asset. Despite the existence of standards such as ISO 27005 for managing information risk, cyber threats are increasing, exposing such systems to security breaches, and at the same time, compromising users' privacy. However, threat modelling has also emerged as an alternative to identify and analyze them, reducing the attack landscape by discarding low-risk attack vectors, and mitigating high-risk ones. In this work, we introduce a novel threat-modelling-based approach for risk management, using ISO 27005 as a baseline for integrating ISO 27001/27002 security controls with privacy regulations outlined in the European General Data Protection Regulation (GDPR). In our proposal, risk estimation and mitigation is enhanced by combining STRIDE and attack trees as a threat modelling strategy. Our approach is applied to an IoT case study, where different attacks are analyzed to determine their risk levels and potential countermeasures.

Cryptography and Security

Franco Oberti,Ernesto Sanchez,Alessandro Savino,Filippo Parisi,Stefano Di Carlo

DOI: https://doi.org/10.48550/arXiv.2305.05309

2023-05-09

Cryptography and Security

Abstract:As more cars connect to the internet and other devices, the automotive market has become a lucrative target for cyberattacks. This has made the industry more vulnerable to security threats. As a result, car manufacturers and governments are working together to reduce risks and prevent cyberattacks in the automotive sector. However, existing attack feasibility models derived from the information technology field may not always provide accurate assessments of the potential risks faced by Vehicle Electronic Control Units in different operating conditions and domains. This paper introduces the PUNCH Softronix and Politecnico di Torino (PSP) framework to address this issue. This framework is designed to provide accurate assessments compatible with the attack feasibility models defined by the automotive product security standards. The PSP framework utilizes social sentiment analysis to evaluate the real threat risk levels.

Abedelaziz Mohaisen,Dowon Hong

DOI: https://doi.org/10.48550/arXiv.0808.3166

2008-08-23

Abstract:The privacy preserving data mining (PPDM) has been one of the most interesting, yet challenging, research issues. In the PPDM, we seek to outsource our data for data mining tasks to a third party while maintaining its privacy. In this paper, we revise one of the recent PPDM schemes (i.e., FS) which is designed for privacy preserving association rule mining (PP-ARM). Our analysis shows some limitations of the FS scheme in term of its storage requirements guaranteeing a reasonable privacy standard and the high computation as well. On the other hand, we introduce a robust definition of privacy that considers the average case privacy and motivates the study of a weakness in the structure of FS (i.e., fake transactions filtering). In order to overcome this limit, we introduce a hybrid scheme that considers both privacy and resources guidelines. Experimental results show the efficiency of our proposed scheme over the previously introduced one and opens directions for further development.

Cryptography and Security

Shantanu Dey Saurabh Kumar Information Systems Area,Indian Institute of Management,Indore,IndiaShantanu Dey is a research scholar from the Indian Institute of Management,Indore,in the Information Systems Area. He is an industry practitioner with over 23 years of experience in supply chain,project and program management,AI-ML,ERP,emerging technology consulting,and digital transformation. He has published a paper in Sustainable Manufacturing and Service Economics. He has presented supply chain and information systems papers at four international conferences between 2022 and 2023. He also presented a paper as part of the TREO talks at the International Conference on Information Systems (ICIS 2023) organized by the Association for Information Systems (AIS). His research interests are emerging technology systems adoption in business and supply chain transformation,distributed and decentralized information systems,and data analytics. He graduated from the Indian Institute of Management,Ahmedabad (2002). He worked with organizations across automotive,retail supply chain,and pharmaceutical domains,including Infosys,Thomson Reuters,and Tata Consultancy Services.Saurabh Kumar is an Associate Professor of Information Systems at IIM Indore. He has completed his FPM degree (PhD) from the Indian Institute of Management Lucknow. He has also served as a Visiting Research Scholar at Beedie School of Business,Simon Fraser University,Canada. Before his FPM degree,he served at Tata Consultancy Services in Bangalore. He has various publications in reputed journals like Industrial Marketing Management,IEEE Transactions on Engineering Management,Business Strategy and Environment,Behaviour & Information Technology,Journal of Enterprise Information Management,and so on. His research and teaching interests include business analytics,data mining,soft computing techniques,privacy and security issues.

DOI: https://doi.org/10.1080/10919392.2024.2398889

IF: 2.2368

2024-09-14

Journal of Organizational Computing and Electronic Commerce

Abstract:Supply chain partners exchange information to achieve shared performance goals. However, information sharing is fraught with risks and concerns around organizational data privacy and security. Extant studies provide connectivity and supply chain partners' willingness to share information as factors driving information-sharing. In an Industry 4.0 supply chain, technology provides the capability to share information across organizations. Literature highlights the role of technological capabilities and privacy by design in addressing the risks and concerns in information sharing that may influence the willingness of supply chain partners to share information. We introduce the framework of organizational privacy calculus comprising privacy by design to balance the needs and willingness to share information against environmental dynamism, regulations, and data sensitivity risks that can impact information sharing in the supply chain and procurement. We use OIPT and privacy calculus as theoretical lenses to derive empirically the balancing framework. The contribution of our study is twofold: proposing an organizational privacy calculus that focuses on organizational information sharing and highlighting the importance of privacy by design to alleviate risks of sharing sensitive information. The study empirically establishes that technology capabilities and privacy protection measures are essential for enhancing inter-organizational willingness to share information to balance against concerns.

computer science, information systems, interdisciplinary applications

Ali Mahmoudi,Reza Mahmoudi,Ali Emrouznejad,Ashkan Hafezalkotob

DOI: https://doi.org/10.1007/s10668-022-02623-w

2022-09-09

Abstract:By introducing the concept of sustainable development, managers and policymakers in many industries have been encouraged to consider environmental and social issues in addition to economic objectives in their planning. Following this concept, sustainable supply chain management has become the main concern of many studies. Among all the strategies to achieve sustainability targets in a supply chain, cooperating with third-party logistics companies has attracted lots of attention. By providing more sustainable and efficient transportation services, 3PLs can help all types of regular, closed-loop, and circular SCs achieve more profit, while they are still sustainable, at least in distribution and collection/recycling stages. This study investigates the sustainable multi-channel SC design problem in the presence of the government and 3PLs. To bring the present study closer to the real-world situation, the problem is modeled using an intuitionistic fuzzy uncertainty approach. Considering the government as the leader of the SC in two centralized and decentralized decision structures, game theory has been applied to model the game between players and obtain optimal decision values. For the first time in the literature, public awareness toward green activities of the players, emission reduction, uncertainty, and delivery time have been considered in this study. The results show the presence of a 3PL will reduce the delivery time and the amount of pollution. Also, the findings confirm that governments can control the players' activities and encourage them to apply green strategies using financial tools.

P. Geetha,Chandrakant Naikodi,Suresh Lakshmi Narasimha Setty

DOI: https://doi.org/10.1007/978-981-15-0372-6_19

2019-12-03

Abstract:Technological advancements in the field of Big Data and IoT have led to unprecedented growth in digital data. Data is collected from multiple distributed sources by business organizations, government agencies, and healthcare sectors. Data collected is mined to uncover valuable data, and the insights they provide are used by these organizations for optimized decision making. Data thus amassed may also contain sensitive personal information of individuals that are at risk of disclosure during analytics. Hence, there is a need for a privacy-aware system that enforces sensitive data protection. But such a system constrains the usefulness of data. Study shows that although significant findings do exist for balancing these contradicting objectives, the efficacy and scalability of these solutions continue to challenge the research community, given the volume of Big Data. Assessing the appropriate blend of these objectives for mutual benefit of organizations and customers requires leveraging the benefit of the modern tools and technologies in the Big Data ecosystem. This research study extensively reviews the previous work in the direction of privacy preserved Big Data analytics, and the review is first of its kind in exploring the challenges that have to be overcome in striking a balance between data value, privacy, scalability, and performance.

Kai Gao,Tingting Liu,Yuan Rong,Vladimir Simic,Harish Garg,Tapan Senapati

DOI: https://doi.org/10.1007/s40747-024-01500-5

IF: 6.7

2024-07-02

Complex & Intelligent Systems

Abstract:Abstract The transformation and upgrading of traditional supply chain models through digital technology receive widespread attention from the fields of circular economy, manufacturing, and sustainable development. Enterprises need to choose a digital supply chain partner (DSCP) during the process of digital transformation in uncertain and sustainable environments. Thus, the research constructs an innovative decision methodology for selecting the optimal DSCP to achieve digital transformation. The proposed methodology is propounded based upon the entropy measure, generalized Dombi operators, integrated weight-determination model, and complex proportional assessment (COPRAS) method under spherical fuzzy circumstances. Specifically, a novel entropy measure is proposed for measuring the fuzziness of spherical fuzzy (SF) sets, while generalized Dombi operators are presented for fusing SF information. The related worthwhile properties of these operators are discussed. Further, an integrated criteria weight-determination model is presented by incorporating objective weights obtained from the SF entropy-based method and subjective weights from the SF best worst method. Afterward, an improvement of the COPRAS method is proposed based on the presented generalized Dombi operators with SF information. Lastly, the practicability and validity of the proposed methodology are verified by an empirical study that selects an appropriate DSCP for a new energy vehicle enterprise to finish the goal of digital transformation. The sensitivity and comparative analysis are carried out to illustrate the stability, reliability, and superiority of the propounded methodology from multiple perspectives. The results and conclusions indicate that the propounded method affords a synthetic and systematic uncertain decision-making framework for identifying the optimal DSCP with incomplete weight information.

computer science, artificial intelligence

Alexander A. Ganin,Phuoc Quach,Mahesh Panwar,Zachary A. Collier,Jeffrey M. Keisler,Dayton Marchese,Igor Linkov

DOI: https://doi.org/10.1111/risa.12891

2017-09-05

Risk Analysis

Abstract:Risk assessors and managers face many difficult challenges related to novel cyber systems. Among these challenges are the constantly changing nature of cyber systems caused by technical advances, their distribution across the physical, information, and sociocognitive domains, and the complex network structures often including thousands of nodes. Here, we review probabilistic and risk-based decision-making techniques applied to cyber systems and conclude that existing approaches typically do not address all components of the risk assessment triplet (threat, vulnerability, consequence) and lack the ability to integrate across multiple domains of cyber systems to provide guidance for enhancing cybersecurity. We present a decision-analysis-based approach that quantifies threat, vulnerability, and consequences through a set of criteria designed to assess the overall utility of cybersecurity management alternatives. The proposed framework bridges the gap between risk assessment and risk management, allowing an analyst to ensure a structured and transparent process of selecting risk management alternatives. The use of this technique is illustrated for a hypothetical, but realistic, case study exemplifying the process of evaluating and ranking five cybersecurity enhancement strategies. The approach presented does not necessarily eliminate biases and subjectivity necessary for selecting countermeasures, but provides justifiable methods for selecting risk management actions consistent with stakeholder and decisionmaker values and technical data.

public, environmental & occupational health,mathematics, interdisciplinary applications,social sciences, mathematical methods