A Stochastic Network-interdiction Model for Cyber Security

Published: 2014

Total Pages: 81

We propose a general defender-attacker model for security of computer networks, using attack graphs to represent the possible attacker strategies and defender options. The defender's objective is to maximize the security of the network under a limited budget. In the literature, most network-interdiction models allow the attacker only one attempt; other models allow multiple attempts, but assume that any subsequent attempt begins at the point where the previous attempt failed. By contrast, in computer security, the attacker could be operating from the safety of a foreign country, and the cost of changing attack strategies may be quite low, so a new model is needed. To capture the ability of the attacker to launch multiple attempts, we represent the attacker's success on each arc of the attack graph probabilistically, and formulate the resulting problem as a multiple-stage stochastic network-interdiction problem. In the resulting game, the defender anticipates both the attacker's strategy choices, and their probabilities of success, and chooses which arcs in the attack graph to protect in order to defend against multiple attempted attacks. The attacker then launches an optimal attack against the system, knowing which arcs have been protected. If the attacker fails at the first attempt, a second-stage optimal strategy is chosen, based on a revised attack graph showing which arcs have been successfully traversed (with success probabilities of 1), and which arc failed (assumed to have success probability 0). We solve the resulting problem using multi-stage stochastic optimization with recourse, and explore the attacker's strategies.


Risk-averse Bi-level Stochastic Network Interdiction Model for Cyber-security Risk Management

Author: Tanveer Hossain Bhuiyan

Published: 2018

Total Pages: 65

This research presents a bi-level stochastic network interdiction model on an attack graph to enable a risk-averse resource constrained cyber network defender to optimally deploy security countermeasures to protect against attackers having an uncertain budget. This risk-averse conditional-value-at-risk model minimizes a weighted sum of the expected maximum loss over all scenarios and the expected maximum loss from the most damaging attack scenarios. We develop an exact algorithm to solve our model as well as several acceleration techniques to improve the computational efficiency. Computational experiments demonstrate that the application of all the acceleration techniques reduces the average computation time of the basic algorithm by 71% for 100-node graphs. Using metrics called mean-risk value of stochastic solution and value of risk-aversion, numerical results suggest that our stochastic risk-averse model significantly outperforms deterministic and risk-neutral models when 1) the distribution of attacker budget is heavy-right-tailed and 2) the defender is highly risk-averse.


Network Interdiction and Stochastic Integer Programming

Author: David L. Woodruff

Publisher: Springer Science & Business Media

Published: 2006-04-11

Total Pages: 134

ISBN-13: 030648109X

On March 15, 2002 we held a workshop on network interdiction and the more general problem of stochastic mixed integer programming at the University of California, Davis. Jesús De Loera and I co-chaired the event, which included presentations of on-going research and discussion. At the workshop, we decided to produce a volume of timely work on the topics. This volume is the result. Each chapter represents state-of-the-art research and all of them were refereed by leading investigators in the respective fields. Problems associated with protecting and attacking computer, transportation, and social networks gain importance as the world becomes more dependent on interconnected systems. Optimization models that address the stochastic nature of these problems are an important part of the research agenda. This work relies on recent efforts to provide methods for addressing stochastic mixed integer programs. The book is organized with interdiction papers first and the stochastic programming papers in the second part. A nice overview of the papers is provided in the Foreword written by Roger Wets.


Network Interdiction Models and Algorithms for Information Security

Author: Apurba Kumer Nandi

Published: 2016

Total Pages: 152

Major cyber attacks against the cyber networks of organizations have become a common phenomenon nowadays. Cyber attacks are carried out both through the spread of malware and also through multi-stage attacks known as hacking. A cyber network can be represented directly as a simple directed or undirected network (graph) of nodes and arcs. It can also be represented by a transformed network such as the attack graph, which uses information about network topology, attacker profile, and existing vulnerabilities to represent all the potential attack paths from readily accessible vulnerabilities to valuable target nodes. Then, interdicting or hardening a subset of arcs in the network naturally maps into deploying security countermeasures on the associated devices or connections. In this dissertation, we develop network interdiction models and algorithms to optimally select a subset of arcs which upon interdiction minimizes the spread of infection or minimizes the loss from multi-stage attacks. In particular, we define four novel network connectivity-based metrics and develop interdiction models to optimize the metrics. Direct network representation of the physical cyber network is used as the underlying network in this case. Two of the interdiction models prove to be very effective arc removal methods for minimizing the spread of infection. We also develop multi-level network interdiction models that remove a subset of arcs to minimize the loss from multi-stage attacks. Our models capture the defender-attacker interaction in terms of Stackelberg zero-sum games, considering the attacker as both a completely rational and a boundedly rational agent. Our novel solution algorithms based on constraint and column generation and enhanced by heuristic methods efficiently solve the difficult multi-level mixed-integer programs with integer variables in all levels in reasonable times.


Proceedings of International Conference on Computing and Communication Networks

Author: Ali Kashif Bashir

Publisher: Springer Nature

Published: 2022-07-08

Total Pages: 590

ISBN-13: 9811906041

This book includes selected peer-reviewed papers presented at the International Conference on Computing and Communication Networks (ICCCN 2021), held at Manchester Metropolitan University, United Kingdom, during 19–20 November 2021. The book covers topics of network and computing technologies, artificial intelligence and machine learning, security and privacy, communication systems, cyber physical systems, data analytics, cyber security for Industry 4.0, and smart and sustainable environmental systems.


Data Analysis For Network Cyber-security

Author: Niall M Adams

Publisher: World Scientific

Published: 2014-04-04

Total Pages: 200

ISBN-13: 1783263768

There is increasing pressure to protect computer networks against unauthorized intrusion, and some work in this area is concerned with engineering systems that are robust to attack. However, no system can be made invulnerable. Data Analysis for Network Cyber-Security focuses on monitoring and analyzing network traffic data, with the intention of preventing, or quickly identifying, malicious activity. Such work involves the intersection of statistics, data mining and computer science. Fundamentally, network traffic is relational, embodying a link between devices. As such, graph analysis approaches are a natural candidate. However, such methods do not scale well to the demands of real problems, and the critical aspect of the timing of communications events is not accounted for in these approaches. This book gathers papers from leading researchers to provide both background to the problems and a description of cutting-edge methodology. The contributors are from diverse institutions and areas of expertise and were brought together at a workshop held at the University of Bristol in March 2013 to address the issues of network cyber security. The workshop was supported by the Heilbronn Institute for Mathematical Research.


Game Theoretic Risk Analysis of Security Threats

Author: Vicki M. Bier

Publisher: Springer Science & Business Media

Published: 2008-10-20

Total Pages: 239

ISBN-13: 0387877673

Game Theoretic Risk Analysis of Security Threats introduces reliability and risk analysis in the face of threats by intelligent agents. More specifically, game-theoretic models are developed for identifying optimal and/or equilibrium defense and attack strategies in systems of varying degrees of complexity. The book covers applications to networks, including problems in both telecommunications and transportation. However, the book’s primary focus is to integrate game theory and reliability methodologies into a set of techniques to predict, detect, diminish, and stop intentional attacks at targets that vary in complexity. In this book, Bier and Azaiez highlight work by researchers who combine reliability and risk analysis with game theory methods to create a set of functional tools that can be used to offset intentional, intelligent threats (including threats of terrorism and war). These tools will help to address problems of global security and facilitate more cost-effective defensive investments.


Operations Research, Computing, and Homeland Defense

Author: R. Kevin Wood

Publisher: INFORMS

Published: 2011

Total Pages: 217

ISBN-13: 0984337814

This book is published in conjunction with the 12th Computing Society Conference, held January 9, 2011, in Monterey, California. The themes of the conference and this book are operations research, computing, and homeland defense. The papers cover topics on the theory of computing, mathematical programming, game theory, statistics and more; over half have applications to homeland defense.


Game Theory and Machine Learning for Cyber Security

Author: Charles A. Kamhoua

Publisher: John Wiley & Sons

Published: 2021-09-15

Total Pages: 546

ISBN-13: 1119723922

Move beyond the foundations of machine learning and game theory in cyber security to the latest research in this cutting-edge field.

In Game Theory and Machine Learning for Cyber Security, a team of expert security researchers delivers a collection of central research contributions from both machine learning and game theory applicable to cybersecurity. The distinguished editors have included resources that address open research questions in game theory and machine learning applied to cyber security systems and examine the strengths and limitations of current game theoretic models for cyber security. Readers will explore the vulnerabilities of traditional machine learning algorithms and how they can be mitigated in an adversarial machine learning approach. The book offers a comprehensive suite of solutions to a broad range of technical issues in applying game theory and machine learning to solve cyber security challenges. Beginning with an introduction to foundational concepts in game theory, machine learning, cyber security, and cyber deception, the editors provide readers with resources that discuss the latest in hypergames, behavioral game theory, adversarial machine learning, generative adversarial networks, and multi-agent reinforcement learning.

Readers will also enjoy: a thorough introduction to game theory for cyber deception, including scalable algorithms for identifying stealthy attackers in a game theoretic framework, honeypot allocation over attack graphs, and behavioral games for cyber deception; an exploration of game theory for cyber security, including actionable game-theoretic adversarial intervention detection against advanced persistent threats; practical discussions of adversarial machine learning for cyber security, including adversarial machine learning in 5G security and machine learning-driven fault injection in cyber-physical systems; in-depth examinations of generative models for cyber security.

Perfect for researchers, students, and experts in the fields of computer science and engineering, Game Theory and Machine Learning for Cyber Security is also an indispensable resource for industry professionals, military personnel, researchers, faculty, and students with an interest in cyber security.