Online algorithms for adaptive cyber defense on Bayesian attack graphs

Zhisheng Hu, Minghui Zhu, Peng Liu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

Emerging zero-day vulnerabilities in information and communications technology systems make cyber defenses very challenging. In particular, the defender faces uncertainties of; e.g., system states and the locations and the impacts of vulnerabilities. In this paper, we study the defense problem on a computer network that is modeled as a partially observable Markov decision process on a Bayesian attack graph. We propose online algorithms which allow the defender to identify effective defense policies when utility functions are unknown a priori. The algorithm performance is verified via numerical simulations based on real-world attacks.

Original languageEnglish (US)
Title of host publicationMTD 2017 - Proceedings of the 2017 Workshop on Moving Target Defense, co-located with CCS 2017
PublisherAssociation for Computing Machinery, Inc
Pages99-109
Number of pages11
ISBN (Electronic)9781450351768
DOIs
StatePublished - Oct 30 2017
Event4th ACM Workshop on Moving Target Defense, MTD 2017 - Dallas, United States
Duration: Oct 30 2017 → …

Publication series

NameMTD 2017 - Proceedings of the 2017 Workshop on Moving Target Defense, co-located with CCS 2017
Volume2017-January

Other

Other4th ACM Workshop on Moving Target Defense, MTD 2017
CountryUnited States
CityDallas
Period10/30/17 → …

Fingerprint

Computer networks
Communication
Computer simulation
Uncertainty

All Science Journal Classification (ASJC) codes

  • Control and Systems Engineering
  • Computer Science Applications
  • Computer Networks and Communications

Cite this

Hu, Z., Zhu, M., & Liu, P. (2017). Online algorithms for adaptive cyber defense on Bayesian attack graphs. In MTD 2017 - Proceedings of the 2017 Workshop on Moving Target Defense, co-located with CCS 2017 (pp. 99-109). (MTD 2017 - Proceedings of the 2017 Workshop on Moving Target Defense, co-located with CCS 2017; Vol. 2017-January). Association for Computing Machinery, Inc. https://doi.org/10.1145/3140549.3140556
Hu, Zhisheng ; Zhu, Minghui ; Liu, Peng. / Online algorithms for adaptive cyber defense on Bayesian attack graphs. MTD 2017 - Proceedings of the 2017 Workshop on Moving Target Defense, co-located with CCS 2017. Association for Computing Machinery, Inc, 2017. pp. 99-109 (MTD 2017 - Proceedings of the 2017 Workshop on Moving Target Defense, co-located with CCS 2017).
@inproceedings{b102af82471449108ac17ca515af238c,
title = "Online algorithms for adaptive cyber defense on Bayesian attack graphs",
abstract = "Emerging zero-day vulnerabilities in information and communications technology systems make cyber defenses very challenging. In particular, the defender faces uncertainties of; e.g., system states and the locations and the impacts of vulnerabilities. In this paper, we study the defense problem on a computer network that is modeled as a partially observable Markov decision process on a Bayesian attack graph. We propose online algorithms which allow the defender to identify effective defense policies when utility functions are unknown a priori. The algorithm performance is verified via numerical simulations based on real-world attacks.",
author = "Zhisheng Hu and Minghui Zhu and Peng Liu",
year = "2017",
month = "10",
day = "30",
doi = "10.1145/3140549.3140556",
language = "English (US)",
series = "MTD 2017 - Proceedings of the 2017 Workshop on Moving Target Defense, co-located with CCS 2017",
publisher = "Association for Computing Machinery, Inc",
pages = "99--109",
booktitle = "MTD 2017 - Proceedings of the 2017 Workshop on Moving Target Defense, co-located with CCS 2017",

}

Hu, Z, Zhu, M & Liu, P 2017, Online algorithms for adaptive cyber defense on Bayesian attack graphs. in MTD 2017 - Proceedings of the 2017 Workshop on Moving Target Defense, co-located with CCS 2017. MTD 2017 - Proceedings of the 2017 Workshop on Moving Target Defense, co-located with CCS 2017, vol. 2017-January, Association for Computing Machinery, Inc, pp. 99-109, 4th ACM Workshop on Moving Target Defense, MTD 2017, Dallas, United States, 10/30/17. https://doi.org/10.1145/3140549.3140556

Online algorithms for adaptive cyber defense on Bayesian attack graphs. / Hu, Zhisheng; Zhu, Minghui; Liu, Peng.

MTD 2017 - Proceedings of the 2017 Workshop on Moving Target Defense, co-located with CCS 2017. Association for Computing Machinery, Inc, 2017. p. 99-109 (MTD 2017 - Proceedings of the 2017 Workshop on Moving Target Defense, co-located with CCS 2017; Vol. 2017-January).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Online algorithms for adaptive cyber defense on Bayesian attack graphs

AU - Hu, Zhisheng

AU - Zhu, Minghui

AU - Liu, Peng

PY - 2017/10/30

Y1 - 2017/10/30

N2 - Emerging zero-day vulnerabilities in information and communications technology systems make cyber defenses very challenging. In particular, the defender faces uncertainties of; e.g., system states and the locations and the impacts of vulnerabilities. In this paper, we study the defense problem on a computer network that is modeled as a partially observable Markov decision process on a Bayesian attack graph. We propose online algorithms which allow the defender to identify effective defense policies when utility functions are unknown a priori. The algorithm performance is verified via numerical simulations based on real-world attacks.

AB - Emerging zero-day vulnerabilities in information and communications technology systems make cyber defenses very challenging. In particular, the defender faces uncertainties of; e.g., system states and the locations and the impacts of vulnerabilities. In this paper, we study the defense problem on a computer network that is modeled as a partially observable Markov decision process on a Bayesian attack graph. We propose online algorithms which allow the defender to identify effective defense policies when utility functions are unknown a priori. The algorithm performance is verified via numerical simulations based on real-world attacks.

UR - http://www.scopus.com/inward/record.url?scp=85043363103&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85043363103&partnerID=8YFLogxK

U2 - 10.1145/3140549.3140556

DO - 10.1145/3140549.3140556

M3 - Conference contribution

T3 - MTD 2017 - Proceedings of the 2017 Workshop on Moving Target Defense, co-located with CCS 2017

SP - 99

EP - 109

BT - MTD 2017 - Proceedings of the 2017 Workshop on Moving Target Defense, co-located with CCS 2017

PB - Association for Computing Machinery, Inc

ER -

Hu Z, Zhu M, Liu P. Online algorithms for adaptive cyber defense on Bayesian attack graphs. In MTD 2017 - Proceedings of the 2017 Workshop on Moving Target Defense, co-located with CCS 2017. Association for Computing Machinery, Inc. 2017. p. 99-109. (MTD 2017 - Proceedings of the 2017 Workshop on Moving Target Defense, co-located with CCS 2017). https://doi.org/10.1145/3140549.3140556