Cyber Vulnerability Maintenance Policies That Address The Incomplete Nature of Inspection
Published in Applied Stochastic Models in Business and Industry, 2019
Abstract: In cybersecurity, incomplete inspection, resulting mainly from computers being turned off during the scan, leads to a challenge for scheduling maintenance actions. This article proposes the application of partially observable decision processes to derive cost‐effective cyber maintenance actions that minimize total costs. We consider several types of hosts having vulnerabilities at various levels of severity. The maintenance cost structure in our proposed model consists of the direct costs of maintenance actions in addition to potential incident costs associated with different security states. To assess the benefits of optimal policies obtained from partially observable Markov decision processes, we use real‐world data from a major university. Compared with alternative policies using simulations, the optimal control policies can significantly reduce expected maintenance expenditures per host and relatively quickly mitigate the most important vulnerabilities.
Recommondation citation: ‘Liu E, Allen TT, Roychowdhury S. Cyber vulnerability maintenance policies that address the incomplete nature of inspection. Appl Stochastic Models Bus Ind. 2019;35:1390–1410.’