Evolution of network enumeration strategies in emulated computer networks

Successful attacks on computer networks today seldom owe their success to directly overcoming strong security measures set up by the defender. Rather, most attacks succeed because the number of possible vulnerabilities is too large for humans to fully protect against without making a mistake. Regardless of the security elsewhere, a skilled attacker can exploit a single vulnerability in a defensive system and negate the benefits of those security measures. This paper presents an evolutionary framework for evolving attacker agents in a real, emulated network environment using genetic programming, as a foundation for coevolutionary systems that can automatically discover and mitigate network security flaws. We examine network enumeration, an initial network reconnaissance step, through our framework and present results demonstrating its success, indicating a broader applicability to further cyber-security tasks.
