Author :
Carin, Lawrence ; Cybenko, George ; Hughes, Jeff
Abstract :
QuERIES offers a novel multidisciplinary approach to quantifying risk associated with security technologies resulting in investment-efficient cybersecurity strategies. R esearchers can use the QuERIES methodology to rigorously determine, for the first time, appropriate investment levels and strategies for the protection of intellectual property in complex systems. As a result, it can have a significant and immediate impact on the protection of critical IP, including weapons systems and chip designs, complex computer software, and databases containing personal and financial information. In this paper, initial testing of QuERIES in small-scale, realistic scenarios, were performed with results that suggest the methodology can significantly improve risk assessments in complex systems under attack by rational and capable adversaries. Such systems include software, hardware, and data critical to national security and industrial competitiveness. Consequently, it is believed that QuERIES has wide applicability within both the DoD and private sectors.
Keywords :
IP networks; industrial property; national security; risk management; security of data; telecommunication security; DoD sectors; QuERIES; chip designs; complex computer software; critical IP protection; cybersecurity; databases; financial information; industrial competitiveness; intellectual property; investment efficient strategies; national security; personal information; private sectors; quantitative risk evaluation; risk assessments; weapons systems; Chip scale packaging; Computer security; Databases; Intellectual property; Investments; Performance evaluation; Protection; Software; System testing; Weapons; IP protection; cybersecurity; game theory; risk assessment;
