Quantifying Cyberinfrastructure Resilience against Multi‐Event Attacks

This article introduces a general approach for characterizing cyberinfrastructure resilience in the face of multiple malicious cyberattacks, such as when a sequence of denial‐of‐service attacks progressively target an already weakened information system. Although loss assessment frequently focuses on a single overall measure such as cost or downtime, the proposed technique considers both the timing and the amount of loss associated with each individual attack, as well as whether this loss is incurred suddenly or is “slow‐onset.” In support of this, an underlying mathematical model is developed to represent the relative impact of each attack and the corresponding length of time that its effects persist within the system, as well as to illustrate the trade‐offs between these two factors. The model is extended to represent uncertainty in its parameters and thus to support comparative analyses among various security configurations with respect to a baseline estimate of resilience. Monte Carlo simulation is then used to illustrate the model's capabilities and to support a discussion of its ability to provide for more effective decision making in the context of disaster planning and mitigation. [Submitted: March 21, 2011. Revised: July 14, 2011; November 4, 2011. Accepted: December 19, 2011.]