A Supervisory Control Approach to Dynamic Cyber-Security

An analytical approach for a dynamic cyber-security problem that captures progressive attacks on a computer network is presented. We formulate the dynamic security problem from the defender’s point of view as a supervisory control problem with imperfect information, modeling the computer network’s operation by a discrete event system. We consider a min-max performance criterion and use dynamic programming to determine, within a restricted set of policies, an optimal policy for the defender. We study and interpret the behavior of this optimal policy as we vary certain parameters of the supervisory control problem.
