Adversarial and Uncertain Reasoning for Adaptive Cyber Defense: Building the Scientific Foundation

  • George Cybenko
  • Sushil Jajodia
  • Michael P. Wellman
  • Peng Liu
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8880)

Abstract

Today’s cyber defenses are largely static. They are governed by slow deliberative processes involving testing, security patch deployment, and human-in-the-loop monitoring. As a result, adversaries can systematically probe target networks, pre-plan their attacks, and ultimately persist for long periods inside compromised networks and hosts. A new class of technologies, called Adaptive Cyber Defense (ACD), is being developed that presents adversaries with optimally changing attack surfaces and system configurations, forcing adversaries to continually re-assess and re-plan their cyber operations. Although these approaches (e.g., moving target defense, dynamic diversity, and bio-inspired defense) are promising, they assume stationary and stochastic, but non-adversarial, environments. To realize their full potential, we need to build the scientific foundations so that system resiliency and robustness in adversarial settings can be defined, quantified, measured, and extrapolated in a rigorous and reliable manner.



Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • George Cybenko (1)
  • Sushil Jajodia (2)
  • Michael P. Wellman (3)
  • Peng Liu (4)

  1. Thayer School of Engineering, Dartmouth College, Hanover, Germany
  2. Center for Secure Information Systems, George Mason University, Fairfax
  3. Department of Electrical Engineering and Computer Science, University of Michigan, Ann Arbor, USA
  4. College of Information Sciences and Technology, Pennsylvania State University, University Park, USA
