Pareto-Optimal Adversarial Defense of Enterprise Systems

Serra, Edoardo; Jajodia, Sushil; Pugliese, Andrea; Rullo, Antonino; Subrahmanian, V. S.

doi:10.1145/2699907

Cited by 41 publications

(24 citation statements)

References 37 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…(69,70) On the same line, but from an economic perspective, other approaches consider the interplay between attacker and defender to define game-theoretic models with the goal of deriving mixed equilibria (whose outcomes are defined in terms of impacts and probabilities) leading to different risks. (66,75) However, these approaches leave the estimation of "likelihood of event" to the judgment of an expert that either directly sets probabilities of attack, or sets some parameters of the computational or game-theoretical model that derives the quantitative probabilities as a function of that input. (68) Patented methodologies often employ a mixture of system (76,77) and game-theoretic (78) approaches to evaluate overall system risk.…”

Section: Limitations Of Current Risk Assessment Methodologiesmentioning

confidence: 99%

Security Events and Vulnerability Data for Cybersecurity Risk Estimation

Allodi

Massacci

2017

Risk Analysis

View full text Add to dashboard Cite

Current industry standards for estimating cybersecurity risk are based on qualitative risk matrices as opposed to quantitative risk estimates. In contrast, risk assessment in most other industry sectors aims at deriving quantitative risk estimations (e.g., Basel II in Finance). This article presents a model and methodology to leverage on the large amount of data available from the IT infrastructure of an organization's security operation center to quantitatively estimate the probability of attack. Our methodology specifically addresses untargeted attacks delivered by automatic tools that make up the vast majority of attacks in the wild against users and organizations. We consider two-stage attacks whereby the attacker first breaches an Internet-facing system, and then escalates the attack to internal systems by exploiting local vulnerabilities in the target. Our methodology factors in the power of the attacker as the number of "weaponized" vulnerabilities he/she can exploit, and can be adjusted to match the risk appetite of the organization. We illustrate our methodology by using data from a large financial institution, and discuss the significant mismatch between traditional qualitative risk assessments and our quantitative approach.

show abstract

Section: Limitations Of Current Risk Assessment Methodologiesmentioning

confidence: 99%

Security Events and Vulnerability Data for Cybersecurity Risk Estimation

Allodi

Massacci

2017

Risk Analysis

View full text Add to dashboard Cite

show abstract

“…The Approximation Response is mainly responsible for finding strategies to improve the payoff of defenders. In this paper, the greedy algorithm is used to calculate the pure strategy for improving the payoff of defenders [49], i.e., U d (D, y) > U d (x, y). First, we prove the payoff function is a sub-modularity function, which can get a good solution utilizing the greedy algorithm.…”

Section: Approximation Responsementioning

confidence: 99%

A Stackelberg Security Game for Adversarial Outbreak Detection in the Internet of Things

Chen

Wang

et al. 2020

Sensors

View full text Add to dashboard Cite

With limited computing resources and a lack of physical lines of defense, the Internet of Things (IoT) has become a focus of cyberattacks. In recent years, outbreak propagation attacks against the IoT have occurred frequently, and these attacks are often strategical. In order to detect the outbreak propagation as soon as possible, t embedded Intrusion Detection Systems (IDSs) are widely deployed in the IoT. This paper tackles the problem of outbreak detection in adversarial environment in the IoT. A dynamic scheduling strategy based on specific IDSs monitoring of IoT devices is proposed to avoid strategic attacks. Firstly, we formulate the interaction between the defender and attacker as a Stackelberg game in which the defender first chooses a set of device nodes to activate, and then the attacker selects one seed (one device node) to spread the worms. This yields an extremely complex bilevel optimization problem. Our approach is to build a modified Column Generation framework for computing the optimal strategy effectively. The optimal response of the defender's problem is expressed as mixed-integer linear programming (MILPs). It is proved that the solution of the defender's optimal response is a NP-hard problem. Moreover, the optimal response of defenders is improved by an approximate algorithm-a greedy algorithm. Finally, the proposed scheme is tested on some randomly generated instances. The experimental results show that the scheme is effective for monitoring optimal scheduling.Sensors 2020, 20, 804 2 of 20 with IoT devices, such as the medical systems [7]. To detect the worm outbreak propagation as soon as possible, we can collect potential threat data by deploying specific embedded Intrusion Detection Systems (IDSs) in the IoT [8,9]. Therefore, the rapid detection of the worm outbreak propagation in the IoT with limited resources by IDS has become an urgent problem to be solved. Herein, such IoT devices with embedded IDS are collectively referred to as "sensors". The "scheduling strategy" mentioned in the following chapters of this paper is mainly aimed at methods of "sensor" combination opening. MotivationGenerally, the initiator of outbreak propagation is a malicious party, and our goal is to detect the outbreak propagation as soon as possible. For example, in a water network, the problem is where should we place a limited number of sensors to quickly detect contaminants [10][11][12][13][14], while in smart power grids, what is concerned about is finding the failure node in a short time [15]. It is natural in these scenarios to consider the problem of adversarial outbreak detection (AOD), where the defender can first select a set of nodes to deploy sensors, and subsequently the attacker can choose the source of infection to spread malicious information. Although there have been many studies on the AOD problem [11,15], the scenario setting of these works (e.g., a water network setting) is different from our scenario and assumptions (e.g., cybersecurity settings and parameters). A common assumption in the e...

show abstract

“…Our agent model is more general than the previous ones because agents can access partial information on the target system. Furthermore, we are not interested in the optimal sequence or in the optimal strategy to select a sequence [33]. Instead, our goal is an accurate modelling of how agents acquire information on the target system, select an attack sequence and change the sequence they implement when countermeasures are deployed.…”

Section: Related Workmentioning

confidence: 99%

Iterative selection of countermeasures for intelligent threat agents

2015

View full text Add to dashboard Cite

We describe a model-based approach to select cost-effective countermeasures for an information and communication technology infrastructure under attack by intelligent agents. Each agent tries to reach some predefined goals through a sequence of attacks. The proposed approach builds the models of the infrastructure and of the agents, and then it applies a Monte Carlo method that runs multiple, independent simulations of the agent attacks. These simulations produce a statistical sample that is used to assess the risk. The selection of countermeasures works in an iterative way where each iteration selects some countermeasures and applies the Monte Carlo method to evaluate any residual risk. In this way, it takes into account that an intelligent agent may select distinct attacks to replace those affected by the countermeasures. To improve cost effectiveness, the selection focuses on useful attacks to reach a goal. The Haruspex suite is an integrated set of tool to support this approach. Some of its tools build the models of the agents and the one of the system. Another tool uses these models to apply the Monte Carlo method and simulate the agent attacks. This tool is iteratively invoked by the one that select countermeasures. We describe the adoption of the suite to assess and manage the risk of three industrial control system

show abstract

Pareto-Optimal Adversarial Defense of Enterprise Systems

Cited by 41 publications

References 37 publications

Security Events and Vulnerability Data for Cybersecurity Risk Estimation

Security Events and Vulnerability Data for Cybersecurity Risk Estimation

A Stackelberg Security Game for Adversarial Outbreak Detection in the Internet of Things

Iterative selection of countermeasures for intelligent threat agents

Contact Info

Product

Resources

About