Preventive and Reactive Cyber Defense Dynamics Is Globally Stable

Ren, Zheng; Lu, Wenlian; Xu, Shouhuai

doi:10.1109/tnse.2017.2734904

Cited by 53 publications

(28 citation statements)

References 44 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Consequently, multiobjective reinforcement learning algorithm is designed to obtain the optimal security strategy so as to minimize attack surface and maximize configuration diversity. For the high computational complexity of optimal strategy generation, Zheng et al [50] proposed a novel of a method to analyze different MTD strategies. By analyzing the defensive computational complexity in known special parameter domain and the entire parameter domain, it shows optimal defensive strategy in known special parameter domain convergences in polynomial complexity and defensive strategy formulation in remaining parameter domain convergences in an exponential complexity.…”

Section: (1) Strategy Selection Under Complete Information Assumptionmentioning

confidence: 99%

Moving Target Defense Techniques: A Survey

Cheng

Zhang

Jian-cheng

et al. 2018

Security and Communication Networks

View full text Add to dashboard Cite

As an active defense technique to change asymmetry in cyberattack-defense confrontation, moving target defense research has become one of the hot spots. In order to gain better understanding of moving target defense, background knowledge and inspiration are expounded at first. Based on it, the concept of moving target defense is analyzed. Secondly, literature analysis method is adopted to explain the design principles and system architecture of moving target defense. In addition, some relevant key techniques are introduced from the aspects of strategy generation, shuffling implementation, and performance evaluation. After that, the applications of moving target defense in different network architectures are illustrated. Finally, existing problems and future trend in this field are elaborated so as to provide a basis for further study.

show abstract

Section: (1) Strategy Selection Under Complete Information Assumptionmentioning

confidence: 99%

Moving Target Defense Techniques: A Survey

Cheng

Zhang

Jian-cheng

et al. 2018

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…For example, the effectiveness of antimalware tools (e.g., the false positive rate or false negative rate) is often measured based on malware samples collected during a period of time (e.g., one year), while ignoring their instantaneous evolution over time. Taking one step further from static metrics, time-dependent security metrics have been studied to characterize and quantify system states at different times, such as the proportion of compromised computers in a network [6], [7], [8], [9], [10], [11], [33], [34], [35], [36], [37], [38], [39], [40], [41], [42].…”

Section: B Dynamic Security Metrics Vs Agility Metricsmentioning

confidence: 99%

Metrics Towards Measuring Cyber Agility

Mireles

Ficke

Cho

et al. 2019

IEEE Trans.Inform.Forensic Secur.

Self Cite

View full text Add to dashboard Cite

In cyberspace, evolutionary strategies are commonly used by both attackers and defenders. For example, an attacker's strategy often changes over the course of time, as new vulnerabilities are discovered and/or mitigated. Similarly, a defender's strategy changes over time. These changes may or may not be in direct response to a change in the opponent's strategy. In any case, it is important to have a set of quantitative metrics to characterize and understand the effectiveness of attackers' and defenders' evolutionary strategies, which reflect their cyber agility. Despite its clear importance, few systematic metrics have been developed to quantify the cyber agility of attackers and defenders. In this paper, we propose the first metric framework for measuring cyber agility in terms of the effectiveness of the dynamic evolution of cyber attacks and defenses. The proposed framework is generic and applicable to transform any relevant, quantitative, and/or conventional static security metrics (e.g., false positives and false negatives) into dynamic metrics to capture dynamics of system behaviors. In order to validate the usefulness of the proposed framework, we conduct case studies on measuring the evolution of cyber attacks and defenses using two real-world datasets. We discuss the limitations of the current work and identify future research directions.

show abstract

“…The individual-level epidemic modeling technique has been successfully applied to areas such as the epidemic spreading [34][35][36][37], the malware spreading [38][39][40][41][42][43], and the rumor spreading [44]. In particular, a number of APT attack-defense models have recently been proposed by employing this technique [45][46][47][48].…”

Section: Introductionmentioning

confidence: 99%

Defending against the Advanced Persistent Threat: An Optimal Control Approach

Yang

Xiong

et al. 2018

Security and Communication Networks

View full text Add to dashboard Cite

The new cyber attack pattern of advanced persistent threat (APT) has posed a serious threat to modern society. This paper addresses the APT defense problem, i.e., the problem of how to effectively defend against an APT campaign.Based on a novel APT attack-defense model, the effectiveness of an APT defense strategy is quantified. Thereby, the APT defense problem is modeled as an optimal control problem, in which an optimal control stands for a most effective APT defense strategy. The existence of an optimal control is proved, and an optimality system is derived.Consequently, an optimal control can be figured out by solving the optimality system. Some examples of the optimal control are given. Finally, the influence of some factors on the effectiveness of an optimal control is examined through computer experiments. These findings help organizations to work out policies of defending against APTs.

show abstract

Preventive and Reactive Cyber Defense Dynamics Is Globally Stable

Cited by 53 publications

References 44 publications

Moving Target Defense Techniques: A Survey

Moving Target Defense Techniques: A Survey

Metrics Towards Measuring Cyber Agility

Defending against the Advanced Persistent Threat: An Optimal Control Approach

Contact Info

Product

Resources

About