Predictability-oriented defense against adaptive adversaries

There are substantial potential benefits to considering predictability when designing defenses against adaptive adversaries, including increasing the ability of defense systems to predict new attacker behavior and reducing the capacity of adversaries to anticipate defensive actions. This paper adopts such a perspective, leveraging the coevolutionary relationship between attackers and defenders to derive methods for predicting and countering attacks and for limiting the extent to which adversaries can learn about defense strategies. The proposed approach combines game theory with machine learning to model adversary adaptation in the learner's feature space, thereby producing classes of predictive and “moving target” defenses that are scientifically grounded and applicable to problems of real-world scale and complexity. Case studies with large cyber security datasets demonstrate that the proposed algorithms outperform gold-standard techniques, offering effective and robust defense against evolving adversaries.
