Evolving Gaming Strategies for Attacker-Defender in a Simulated Network Environment

This work investigates an evolutionary approach to generating gaming strategies for the Attacker-Defender (or Intruder-Administrator) in simulated cyber warfare. Given a network environment, attack graphs are defined in an anticipation game (AG) framework to generate action strategies by analyzing local and global vulnerabilities and security measures. The proposed approach extends the AG framework by taking into account multiple conflicting objectives, such as cost, time, reward and performance, to generate effective gaming strategies. A gaming strategy is a sequence of decision rules that an attacker or defender can employ to achieve his/her desired goal. In this work, a memory-based multi-objective evolutionary algorithm (MOEA) is implemented in the AG framework to generate action strategies, and experiments are performed in a simulated network. Simulations with different types of nodes and services are performed, and the results are analyzed and reported. These experiments demonstrate that the proposed MOEA approach performs better than existing AG implementations.
