Vulnerabilities inherent in a cyber network can be exploited by individuals with malicious intent. Thus, machines on the network are at risk. Formally, security specialists seek to mitigate the risk of intrusion events through network reconfiguration and defense. Comparison between configuration alternatives may be difficult if an event is sufficiently rare; risk estimates may of be questionable quality making definitive inferences unattainable. Furthermore, that which constitutes a “rare” event can imply different rates of occurrence, depending on network complexity. To measure rare events efficiently without the risk of doing damage to a cyber network, special rare-event simulation techniques can be employed, such as splitting or importance sampling. In particular, importance sampling has shown promise when modeling an attacker moving through a network with intent to steal data. The importance sampling technique amplifies certain aspects of the network in order to cause a rare event to happen more frequently. Output statistics collected under these amplified conditions must then be scaled back to the context of the original network to produce meaningful results. This thesis successfully tailors the importance sampling methodology to scenarios where an attacker must search a network. Said tailoring takes the attacker’s successes and failures as well as the attacker’s targeting choices into account. The methodology is shown to be more computationally efficient and can produce higher quality estimates of risk when compared to standard simulation.

Library of Congress Subject Headings

Computer networks--Security measures; Cyberterrorism--Prevention; Probabilities; Industrial engineering--Statistical methods

Publication Date


Document Type


Student Type


Degree Name

Industrial and Systems Engineering (MS)

Department, Program, or Center

Industrial and Systems Engineering (KGCOE)


Michael E. Kuhl

Advisor/Committee Member

Shanchieh J. Yang

Advisor/Committee Member

Katie McConky


RIT – Main Campus

Plan Codes