Gespeichert in:
Bibliographische Detailangaben
1. Verfasser: Kreidl, Patrick
Format: Preprint
Veröffentlicht: 2025
Schlagworte:
Online-Zugang:https://arxiv.org/abs/2509.07919
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
_version_ 1866911145045000192
author Kreidl, Patrick
author_facet Kreidl, Patrick
contents We formulate and analyze a simplest Markov decision process model for intrusion tolerance problems, assuming that (i) each attack proceeds through one or more steps before the system's security fails, (ii) defensive responses that target these intermediate steps may only sometimes thwart the attack and (iii) reset responses that are sensible upon discovering an attack's completion may not always recover from the security failure. The analysis shows that, even in the ideal case of perfect detectors, it can be sub-optimal in the long run to employ defensive responses while under attack; that is, depending on attack dynamics and response effectiveness, the total overhead of ongoing defensive countermeasures can exceed the total risk of intermittent security failures. The analysis similarly examines the availability loss versus the risk reduction of employing preemptive resets, isolating key factors that determine whether system recovery is best initiated reactively or proactively. We also discuss model extensions and related work looking towards intrusion tolerance applications with (i) imperfect or controllable detectors, (ii) multiple types of attacks, (iii) continuous-time dynamics or (iv) strategic attackers.
format Preprint
id arxiv_https___arxiv_org_abs_2509_07919
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle A Markov Decision Process Model for Intrusion Tolerance Problems
Kreidl, Patrick
Systems and Control
We formulate and analyze a simplest Markov decision process model for intrusion tolerance problems, assuming that (i) each attack proceeds through one or more steps before the system's security fails, (ii) defensive responses that target these intermediate steps may only sometimes thwart the attack and (iii) reset responses that are sensible upon discovering an attack's completion may not always recover from the security failure. The analysis shows that, even in the ideal case of perfect detectors, it can be sub-optimal in the long run to employ defensive responses while under attack; that is, depending on attack dynamics and response effectiveness, the total overhead of ongoing defensive countermeasures can exceed the total risk of intermittent security failures. The analysis similarly examines the availability loss versus the risk reduction of employing preemptive resets, isolating key factors that determine whether system recovery is best initiated reactively or proactively. We also discuss model extensions and related work looking towards intrusion tolerance applications with (i) imperfect or controllable detectors, (ii) multiple types of attacks, (iii) continuous-time dynamics or (iv) strategic attackers.
title A Markov Decision Process Model for Intrusion Tolerance Problems
topic Systems and Control
url https://arxiv.org/abs/2509.07919