Abstract
Cybersecurity Dynamics is a new concept that aims to achieve the modeling, analysis, quantification, and management of cybersecurity from a holistic perspective, rather than from a building-blocks perspective. It is centered on modeling and analyzing the attack-defense interactions in cyberspace, which cause a “natural” phenomenon—the evolution of the global cybersecurity state. In this chapter, we systematically introduce and review the Cybersecurity Dynamics foundation for the Science of Cybersecurity. We review the core concepts, technical approaches, research axes, and results that have been obtained in this endeavor. We outline a research roadmap towards the ultimate research goal, and identify technical barriers that pose challenges to reaching the goal.
Acknowledgements
This work was supported in part by ARO Grant # W911NF-17-1-0566 and ARL Grant # W911NF-17-2-0127. The author would like to thank his mentors for their encouragement, and his collaborators (including his former and current students) for deepening his understanding of the problem and potential solutions. The author would also like to thank Lisa Ho and John Charlton for proofreading the present chapter.
Copyright information
© 2019 This is a U.S. government work and not under copyright protection in the U.S.; foreign copyright protection may apply
About this chapter
Cite this chapter
Xu, S. (2019). Cybersecurity Dynamics: A Foundation for the Science of Cybersecurity. In: Wang, C., Lu, Z. (eds) Proactive and Dynamic Network Defense. Advances in Information Security, vol 74. Springer, Cham. https://doi.org/10.1007/978-3-030-10597-6_1
DOI: https://doi.org/10.1007/978-3-030-10597-6_1
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-10596-9
Online ISBN: 978-3-030-10597-6
eBook Packages: Computer Science, Computer Science (R0)