“…The persistence attack consists of the techniques used by the adversary to continually maintain a foothold on the system. One example of the persistence techniques is presented by He et al [60] for a cyber SA system in the IoT network. In the work, He et al considered an adversary who is able to expand persistence by using malware.…”
Cyberspace is full of uncertainty in terms of advanced and sophisticated cyber threats which are equipped with novel approaches to learn the system and propagate themselves, such as AI-powered threats. To debilitate these types of threats, a modern and intelligent Cyber Situation Awareness (SA) system needs to be developed which has the ability of monitoring and capturing various types of threats, analyzing and devising a plan to avoid further attacks. This paper provides a comprehensive study on the current state-of-the-art in the cyber SA to discuss the following aspects of SA: key design principles, framework, classifications, data collection, and analysis of the techniques, and evaluation methods. Lastly, we highlight misconceptions, insights and limitations of this study and suggest some future work directions to address the limitations.
“…Stochastic Petri net (SPN) is a specific Petri net model which introduces stochastic processes for performance analysis. He et al [29] defined a stochastic colored Petri net (SCPN) model for the IoT-based smart environment and proposed a game model for security situational awareness. Zhang et al [30] proposed a hierarchical-timed-colored Petri net (HTCPN) model to analyze the sensor performance data for IoT-enabled realtime environment.…”
Section: B Model-based Analytical Approaches (mentioning)
With the prevalence of Internet of Things (IoT), edge computing has emerged as a novel computing model for optimizing traditional cloud computing systems by moving part of the computational tasks to the edge of the network for better performance and security. With the technique of services computing, edge computing systems can accommodate the application requirements with more agility and flexibility. In large-scale edge computing systems, service composition as one of the most important problems in services computing suffers from several new challenges, i.e., complex layered architecture, failures and recoveries always in the lifecycle, and search space explosion. In this paper, we make an attempt at addressing these challenges by designing a simulation-based optimization approach for reliability-aware service composition. Composite stochastic Petri net models are proposed for formulating the dynamics of multi-layered edge computing systems, and their corresponding quantitative analysis is conducted. To solve the state explosion problem in large-scale systems or complex service processes, time scale decomposition technique is applied to improving the efficiency of model solving. Additionally, simulation schemes are designed for performance evaluation and optimization, and ordinal optimization technique is introduced to significantly reduce the size of the search space. Finally, we conduct experiments based on real-life data, and the empirical results validate the efficacy of the approach.
“…Wang et al established an attack and defense game model based on stochastic Petri nets [12], which can analyze and evaluate the attack success rate, average attack time, vulnerable nodes, and potential attack paths of the target network. He et al [13] defined the Stochastic Colored Petri Nets (SCPN) based on the Internet of Things (IoT) when studying the offensive and defensive scenarios of the smart home and obtained the game model of security situational awareness. It can effectively predict the attacker's potential attack strategy and achieve the purpose of promoting defense strategy selection.…”
Section: Related Work (mentioning)
confidence: 99%
“…The optimal defense strategy was obtained by calculating the Nash equilibrium, and the model was able to obtain the evolution equilibrium state under the stochastic game rules. The above literature [12][13][14][15][16] has a strong dynamic analysis ability for the concurrency, asynchrony, and uncertainty of the system. It has the advantages of less modeling language and intuitive graphical representation that can describe the state and behavior of the system.…”
Section: Related Work (mentioning)
confidence: 99%
“…Therefore, researchers tried to further improve the effectiveness of the model and more accurately describe the evolutionary game of attack and defense by using stochasticity [9][10][11][12][13][14][15][16][17][18][19][20][21][22][23][24][25]. In the stochastic game of this paper, the attackers will try to interfere or destroy the network environment.…”
In recent years, evolutionary game theory has been gradually applied to analyze and predict network attack and defense for maintaining cybersecurity. The traditional deterministic game model cannot accurately describe the process of actual network attack and defense due to changes in the set of attack-defense strategies and external factors (such as the operating environment of the system). In this paper, we construct a stochastic evolutionary game model by the stochastic differential equation with Markov property. The evolutionary equilibrium solution of the model is found and the stability of the model is proved according to the knowledge of the stochastic differential equation. And we apply the explicit Euler numerical method to analyze the evolution of the strategy selection of the players for different problem situations. The simulation results show that the stochastic evolutionary game model proposed in this paper can get a steady state and obtain the optimal defense strategy under the action of the stochastic disturbance factor. In addition, compared with other kinds of literature, we can conclude that the return on security investment of this model is better, and the strategy selection of the attackers and defenders in our model is more suitable for actual network attack and defense.