Jeffrey Acquaviva, Mark Mahon, Bruce Einfalt, T. LaPorta
We introduce a novel mathematical model that treats network security as a game between cyber attackers and network administrators. The model takes the form of a zero-sum repeated game where each sub-game corresponds to a possible state of the attacker. Our formulation views state as the set of compromised edges in a graph opposed to the more traditional node-based view. This provides a more expressive model since it allows the defender to anticipate the direction of attack. Both players move independently and in continuous time allowing for the possibility of one player moving several times before the other does. This model shows that defense-in-depth is not always a rational strategy for budget constrained network administrators. Furthermore, a defender can dissuade a rational attacker from attempting to attack a network if the defense budget is sufficiently high. This means that a network administrator does not need to make their system completely free of vulnerabilities, they only to ensure the penalties for being caught outweigh the potential rewards gained.
{"title":"Optimal Cyber-Defense Strategies for Advanced Persistent Threats: A Game Theoretical Analysis","authors":"Jeffrey Acquaviva, Mark Mahon, Bruce Einfalt, T. LaPorta","doi":"10.1109/SRDS.2017.29","DOIUrl":"https://doi.org/10.1109/SRDS.2017.29","url":null,"abstract":"We introduce a novel mathematical model that treats network security as a game between cyber attackers and network administrators. The model takes the form of a zero-sum repeated game where each sub-game corresponds to a possible state of the attacker. Our formulation views state as the set of compromised edges in a graph opposed to the more traditional node-based view. This provides a more expressive model since it allows the defender to anticipate the direction of attack. Both players move independently and in continuous time allowing for the possibility of one player moving several times before the other does. This model shows that defense-in-depth is not always a rational strategy for budget constrained network administrators. Furthermore, a defender can dissuade a rational attacker from attempting to attack a network if the defense budget is sufficiently high. This means that a network administrator does not need to make their system completely free of vulnerabilities, they only to ensure the penalties for being caught outweigh the potential rewards gained.","PeriodicalId":6475,"journal":{"name":"2017 IEEE 36th Symposium on Reliable Distributed Systems (SRDS)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78931176","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Jin B. Hong, Seunghyun Yoon, Hyuk Lim, Dong Seong Kim
A Software Defined Network (SDN) provides functionalities for modifying network configurations. To enhance security, Moving Target Defense (MTD) techniques are deployed in the networks to continuously change the attack surface. In this paper, we realize an MTD system by exploiting the SDN functionality to optimally reconfigure the network topology. We introduce a novel problem Shuffle Assignment Problem (SAP), the reconfiguration of a network topology for enhanced security, and we show how to compute the optimal solution for small-sized networks and the near-optimal solution for large-sized networks using a heuristic method. In addition, we propose a shuffle-based online MTD mechanism, which periodically reconfigures the network topology to continuously change the attack surface. This mechanism also selects an optimal countermeasure using our proposed topological distance metric in real-time when an attack is detected. We demonstrate the feasibility and the effectiveness of our proposed solutions through experimental analysis on an SDN testbed and simulations.
软件定义网络(SDN)提供修改网络配置的功能。为了提高网络的安全性,移动目标防御(MTD)技术被部署到网络中,使攻击面不断变化。在本文中,我们通过利用SDN功能来优化重新配置网络拓扑来实现MTD系统。我们介绍了一个新的问题Shuffle Assignment problem (SAP),一个网络拓扑结构的重新配置以增强安全性,我们展示了如何使用启发式方法计算小型网络的最优解和大型网络的近最优解。此外,我们提出了一种基于shuffle的在线MTD机制,该机制定期重新配置网络拓扑以不断改变攻击面。当检测到攻击时,该机制还使用我们提出的拓扑距离度量实时选择最佳对策。通过SDN试验台的实验分析和仿真,验证了所提方案的可行性和有效性。
{"title":"Optimal Network Reconfiguration for Software Defined Networks Using Shuffle-Based Online MTD","authors":"Jin B. Hong, Seunghyun Yoon, Hyuk Lim, Dong Seong Kim","doi":"10.1109/SRDS.2017.32","DOIUrl":"https://doi.org/10.1109/SRDS.2017.32","url":null,"abstract":"A Software Defined Network (SDN) provides functionalities for modifying network configurations. To enhance security, Moving Target Defense (MTD) techniques are deployed in the networks to continuously change the attack surface. In this paper, we realize an MTD system by exploiting the SDN functionality to optimally reconfigure the network topology. We introduce a novel problem Shuffle Assignment Problem (SAP), the reconfiguration of a network topology for enhanced security, and we show how to compute the optimal solution for small-sized networks and the near-optimal solution for large-sized networks using a heuristic method. In addition, we propose a shuffle-based online MTD mechanism, which periodically reconfigures the network topology to continuously change the attack surface. This mechanism also selects an optimal countermeasure using our proposed topological distance metric in real-time when an attack is detected. We demonstrate the feasibility and the effectiveness of our proposed solutions through experimental analysis on an SDN testbed and simulations.","PeriodicalId":6475,"journal":{"name":"2017 IEEE 36th Symposium on Reliable Distributed Systems (SRDS)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80444428","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}