A Markov Game Model for AI-based Cyber Security Attack Mitigation

The new generation of cyber threats leverages advanced AI-aided methods, which make them capable to launch multi-stage, dynamic, and effective attacks. Current cyberdefense systems encounter various challenges to defend against such new and emerging threats. Modeling AI-aided threats through game theory models can help the defender to select optimal strategies against the attacks and make wise decisions to mitigate the attack’s impact. This paper first explores the current state-of-the-art in the new generation of threats in which AI techniques such as deep neural network is used for the attacker and discusses further challenges. We propose a Markovian dynamic game that can evaluate the efficiency of defensive methods against the AI-aided attacker under a cloudbased system in which the attacker utilizes an AI technique to launch an advanced attack by finding the shortest attack path. We use the CVSS metrics to quantify the values of this zero-sum game model for decision-making.

[1]  Aaron Zimba,et al.  Bayesian network based weighted APT attack paths modeling in cloud computing , 2019, Future Gener. Comput. Syst..

[2]  Michael Granitzer,et al.  Shortest Path Distance Approximation Using Deep Learning Techniques , 2018, 2018 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM).

[3]  Hyrum S. Anderson,et al.  The Malicious Use of Artificial Intelligence: Forecasting, Prevention, and Mitigation , 2018, ArXiv.

[4]  Hooman Alavizadeh,et al.  Toward Proactive, Adaptive Defense: A Survey on Moving Target Defense , 2019, IEEE Communications Surveys & Tutorials.

[5]  Ananthram Swami,et al.  A signaling game model for moving target defense , 2017, IEEE INFOCOM 2017 - IEEE Conference on Computer Communications.

[6]  Aleksander Madry,et al.  On Adaptive Attacks to Adversarial Example Defenses , 2020, NeurIPS.

[7]  Julian Jang,et al.  An Automated Security Analysis Framework and Implementation for MTD Techniques on Cloud , 2019, ICISC.

[8]  Jiang Wei Evaluating Network Security and Optimal Active Defense Based on Attack-Defense Game Model , 2009 .

[9]  Eric Michael Hutchins,et al.  Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains , 2010 .

[10]  Zhang Yi,et al.  Efficient Shortest-Path-Tree Computation in Network Routing Based on Pulse-Coupled Neural Networks , 2013, IEEE Transactions on Cybernetics.

[11]  Dijiang Huang,et al.  SDN based Scalable MTD solution in Cloud Network , 2016, MTD@CCS.

[12]  Jure Leskovec,et al.  node2vec: Scalable Feature Learning for Networks , 2016, KDD.

[13]  Quanyan Zhu,et al.  Physical Intrusion Games—Optimizing Surveillance by Simulation and Game Theory , 2017, IEEE Access.

[14]  Somesh Jha,et al.  Two formal analyses of attack graphs , 2002, Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15.

[15]  Di Wu,et al.  AI-powered Covert Botnet Command and Control on OSNs , 2020, ArXiv.

[16]  Sankaran Mahadevan,et al.  Fuzzy Dijkstra algorithm for shortest path problem under uncertain environment , 2012, Appl. Soft Comput..

[17]  Irini Reljin,et al.  Neural network for optimization of routing in communication networks , 2006 .

[18]  Scott A. DeLoach,et al.  Towards a Theory of Moving Target Defense , 2014, MTD '14.

[19]  Quanyan Zhu,et al.  Game theory meets network security and privacy , 2013, CSUR.

[20]  Ayoub Bagheri,et al.  Finding shortest path with learning algorithms , 2008 .

[21]  T. Başar,et al.  An Intrusion Detection Game with Limited Observations , 2005 .

[22]  Jure Leskovec,et al.  Representation Learning on Graphs: Methods and Applications , 2017, IEEE Data Eng. Bull..

[23]  Prasant Mohapatra,et al.  Dynamic defense strategy against advanced persistent threat with insiders , 2015, 2015 IEEE Conference on Computer Communications (INFOCOM).

[24]  Wei Huang,et al.  A time-delay neural network for solving time-dependent shortest path problem , 2017, Neural Networks.

[25]  Mainak Chatterjee,et al.  A Game Theoretic Approach to Model Cyber Attack and Defense Strategies , 2018, 2018 IEEE International Conference on Communications (ICC).

[26]  T. Basar,et al.  A game theoretic approach to decision and analysis in network intrusion detection , 2003, 42nd IEEE International Conference on Decision and Control (IEEE Cat. No.03CH37475).

[27]  Xuguang Liu,et al.  A network attack path prediction method using attack graph , 2020, Journal of Ambient Intelligence and Humanized Computing.

[28]  Andrew V. Goldberg,et al.  Computing the shortest path: A search meets graph theory , 2005, SODA '05.

[29]  Zhen Ni,et al.  Low-cohesion differential privacy protection for industrial Internet , 2020, The Journal of Supercomputing.

[30]  Mitsuo Gen,et al.  Solving fuzzy shortest path problem by genetic algorithm , 2018 .

[31]  Jingyue Li,et al.  The AI-Based Cyber Threat Landscape , 2020, ACM Comput. Surv..