Utilizing Machine Learning for Optimizing Cybersecurity Spending in Critical Infrastructures

George Stergiopoulos; Michalis Detsis; Sozon Leventopoulos; Dimitris Gritzalis

doi:10.5220/0012837300003767

Utilizing Machine Learning for Optimizing Cybersecurity Spending in Critical Infrastructures

George Stergiopoulos, Michalis Detsis, Sozon Leventopoulos, Dimitris Gritzalis

2024

Abstract

This research paper presents a methodology and corresponding tool that aim to automate decision-making in prioritizing cybersecurity investments by identifying a minimal subset of assets based on their risk exposure, the protection of which would yield maximum risk reduction and cost efficiency. The presented method aims to assist in strategic security planning, offering significant savings while ensuring robust cyber defense mechanisms are in place. To achieve this, we developed an application that identifies and classifies critical assets within ICT networks using supervised machine learning, graph centrality measurements and cascading attack paths. We utilize over 100 randomly generated network models taken from existing companies to build a classifier able to determine ICT critical nodes. We use topological features and dependency risk graphs to simulate potential cyberattack paths.

Download

Paper Citation

in Harvard Style

Stergiopoulos G., Detsis M., Leventopoulos S. and Gritzalis D. (2024). Utilizing Machine Learning for Optimizing Cybersecurity Spending in Critical Infrastructures. In Proceedings of the 21st International Conference on Security and Cryptography - Volume 1: SECRYPT; ISBN 978-989-758-709-2, SciTePress, pages 544-551. DOI: 10.5220/0012837300003767

in Bibtex Style

@conference{secrypt24,
author={George Stergiopoulos and Michalis Detsis and Sozon Leventopoulos and Dimitris Gritzalis},
title={Utilizing Machine Learning for Optimizing Cybersecurity Spending in Critical Infrastructures},
booktitle={Proceedings of the 21st International Conference on Security and Cryptography - Volume 1: SECRYPT},
year={2024},
pages={544-551},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012837300003767},
isbn={978-989-758-709-2},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 21st International Conference on Security and Cryptography - Volume 1: SECRYPT
TI - Utilizing Machine Learning for Optimizing Cybersecurity Spending in Critical Infrastructures
SN - 978-989-758-709-2
AU - Stergiopoulos G.
AU - Detsis M.
AU - Leventopoulos S.
AU - Gritzalis D.
PY - 2024
SP - 544
EP - 551
DO - 10.5220/0012837300003767
PB - SciTePress