Computational Algorithms and Numerical Dimensions (Mar 2023)
Integrating PCA and DEA techniques for strategic assessment of network security
Abstract
Network security is paramount in safeguarding the integrity of computer networks and the data they host. The primary objective of network security is to protect data from cyber-attacks and ensure the overall reliability of the network. A robust network security strategy deploys various solutions to shield data within networks, safeguarding both users and organizations from potential threats. This paper introduces a novel approach to evaluating computer network security using Data Envelopment Analysis (DEA), a mathematical method designed to measure the performance of Decision-Making Units (DMUs) employing identical inputs to yield identical outputs. We present a practical application of DEA to assess the security of 10 distinct networks, treating them as DMUs. The resulting performance measurements allow us to classify computer network security into four levels: "terribly insecure," "insecure," "safe," and "very safe. To optimize the discriminating power of DEA, we employ Principal Component Analysis (PCA) to reduce the number of inputs and outputs. It not only enhances the precision of our evaluation but also ensures that the number of DMUs remains well-suited to the analysis. As a rule of thumb, the number of DMUs should be at least three times larger than the sum of the numbers of inputs and outputs to maintain DEA's discriminating power. Through the combined application of DEA and PCA, this research contributes a comprehensive and efficient method for evaluating and classifying computer network security, providing valuable insights for enhancing overall network resilience against cyber threats.
Keywords
