Defence Efficiency
For network security practitioners, this provides a principled metric for evaluating and automating defences, though the contribution is primarily theoretical.
The paper proposes a definition of defence efficiency that quantifies the trade-off between impact and cost, proves its uniqueness via an axiomatic approach, and generalizes it to multiple input variables.
In order to automate actions, such as defences against network attacks, one needs to quantify their efficiency. This can subsequently be used in post-evaluation, learning, etc. In order to quantify the defence efficiency as a function of the impact of the defence and its total cost, we present several natural requirements from such a definition of efficiency and provide a natural definition that complies with these requirements. Next, we precisely characterize our definition of efficiency by the axiomatic approach; namely, we strengthen the original requirements from such a definition and prove that the given definition is the unique definition that satisfies those requirements. Finally, we generalize the definition to the case of any number of input variables in two natural ways, and compare these generalizations.