Resource allocation for restoration of compromised systems

Computer systems are constantly under the threats of being attacked and in many cases these attacks succeed. Today's networked systems are thus built to be intrusion tolerant. In a large scale, the progresses of compromising the networked system and recovering the damage will carry on in parallel, allowing services to be continued (at a degraded level). One of the key problems in the restoration procedure regards to the resource allocation strategies and the cost associated with, specifically, a minimal cost is desired. In this paper we model the cost as a sum of service loss and resource expense that incur during the restoration procedure. We investigate the achievable minimal total cost and corresponding resource allocation strategy for different situations. The situations include both constant rates and time-variant rates in terms of the speed of compromising and recovering. We also consider the fact that the restoration rate is constrained by the resource allocated. The relationship can be either linear or obeying the law of diminishing marginal utility. We present both analytical and numerical results in the paper. The results show the impact from various system parameters on the critical conditions for a successful system restoration and on the minimal cost.