A layered decision model for cost-effective network defense

Network safeguarding practices involve decisions in at least three areas: identification of well-defined security policies, selection of cost-effective defense strategies and implementation of real-time defense tactics. Although choices made in each of these three affect the others, many existing decision models handle these three decision areas in isolation. There is no comprehensive tool that can integrate them to provide a single efficient model for safeguarding a network. In addition, there is no clear way to determine which particular combinations of defense decisions result in cost-effective solutions. To address these problems, this paper introduces a layered decision model (LDM) for use in deciding how to address defense decisions based on cost-effectiveness. To illustrate the technique, the LDM model is applied to the design of network defense for a sample e-commercial business. While there is a proliferation of tools for decision support, the connectivity between decisions about security policies, defense strategies and defense tactics is weak and there is no guarantee that these decisions are consistent. It is also hard to tell how a cost decision of one kind (e.g., about goals) affects cost outcomes at another level (e.g., regarding tactics). We present a layered decision model to support consistent, connected decisions at three layers: security policies, defense strategies, and defense tactics, and to balance costs at all layers. The layered decision model (LDM) integrates decisions about security policies, defense strategies and defense tactics in a uniform framework. In addition, this model provides an analytical framework that allows traceability of costs between layers. This framework combines risk assessment, business cost modeling, and cost-benefit analysis which uses return on investment (ROI) analysis. The work in this paper is preliminary, but should provide a good foundation for future work in this area.