Adversarial and Uncertain Reasoning for Adaptive Cyber Defense: Building the Scientific Foundation

  • Conference paper
Information Systems Security (ICISS 2014)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 8880)

Abstract

Today’s cyber defenses are largely static. They are governed by slow deliberative processes involving testing, security patch deployment, and human-in-the-loop monitoring. As a result, adversaries can systematically probe target networks, pre-plan their attacks, and ultimately persist for long periods inside compromised networks and hosts. A new class of technologies, called Adaptive Cyber Defense (ACD), is being developed that presents adversaries with optimally changing attack surfaces and system configurations, forcing adversaries to continually re-assess and re-plan their cyber operations. Although these approaches (e.g., moving target defense, dynamic diversity, and bio-inspired defense) are promising, they assume stationary and stochastic, but non-adversarial, environments. To realize their full potential, we need to build the scientific foundations so that system resiliency and robustness in adversarial settings can be defined, quantified, measured, and extrapolated in a rigorous and reliable manner.

This work was supported by the Army Research Office under grant W911NF-13-1-0421.

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Cybenko, G., Jajodia, S., Wellman, M.P., Liu, P. (2014). Adversarial and Uncertain Reasoning for Adaptive Cyber Defense: Building the Scientific Foundation. In: Prakash, A., Shyamasundar, R. (eds) Information Systems Security. ICISS 2014. Lecture Notes in Computer Science, vol 8880. Springer, Cham. https://doi.org/10.1007/978-3-319-13841-1_1

  • DOI: https://doi.org/10.1007/978-3-319-13841-1_1

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-13840-4

  • Online ISBN: 978-3-319-13841-1

  • eBook Packages: Computer Science, Computer Science (R0)
