Multi-objective security hardening optimisation for dynamic networks

Hardening the dynamic networks is a very challenging task due to their complexity and dynamicity. Moreover, there may be multi-objectives to satisfy, while containing the solutions within the constraints (e.g., fixed budget, availability of countermeasures, performance degradation, non-patchable vulnerabilities, etc). In this paper, we propose a systematic approach to optimise the selection of the security hardening options for the dynamic networks given multiple constraints and objectives. To do so, we evaluate potential attack scenarios for a given time period, and then use a multi-objective optimisation based on Non-dominated Sorting Genetic Algorithm to find the optimal set of security hardening options. We measure the effectiveness of the options using various security metrics, which is demonstrated through experimental analysis. The results show that our approach can be applied to select the optimal set of security hardening options to be deployed for the dynamic networks given multiple objectives and constraints.