Exclusive Content & Downloads from ASQ

Data-Driven Cyber-Vulnerability Maintenance Policies

Summary: The frequencies of cyber-attacks and known cyber vulnerabilities continue to increase and there is a need for models to focus limited administrator attention and build cases for additional resources. A related challenge is the scarcity of available data partly because of security concerns. This article proposes a method based on Markov decision processes (MDP) for the generation and graphical evaluation of relevant maintenance policies for cases with limited data availability. The proposed method also provides an estimate of the cost benefit of collecting additional data. Both Bayesian and non-Bayesian formulations of the transition probabilities and cost models are considered. The authors apply the proposed method to a real world cyber-vulnerability dataset and generate specific guidance and cost predictions. The relevance of the proposed method to general MDP modeling is illustrated through the use of a numerical example involving three levels of data scarcity.

Anyone with a subscription, including Site and Enterprise members, can access this article.

Other Ways to Access content:

Join ASQ

Join ASQ as a Full member. Enjoy all the ASQ member benefits including access to many online articles.

Subscribe to Journal of Quality Technology

Access this and ALL OTHER Journal of Quality Technology online articles. You'll also receive the print version by mail.

  • Topics: Process Management
  • Keywords: Data driven decision making, Security, Computers, Markov chains, Uncertainty, Stochastic models, Data collection, Internet, Action clarification, Cyber attacks,
  • Author: Afful-Dadzie, Anthony; Allen, Theodore T.;
  • Journal: Journal of Quality Technology