TY - GEN
T1 - Game-theoretic approach to feedback-driven multi-stage moving target defense
AU - Zhu, Quanyan
AU - Başar, Tamer
PY - 2013
Y1 - 2013
N2 - The static nature of computer networks allows malicious attackers to easily gather useful information about the network using network scanning and packet sniffing. The employment of secure perimeter firewalls and intrusion detection systems cannot fully protect the network from sophisticated attacks. As an alternative to the expensive and imperfect detection of attacks, it is possible to improve network security by manipulating the attack surface of the network in order to create a moving target defense. In this paper, we introduce a proactive defense scheme that dynamically alters the attack surface of the network to make it difficult for attackers to gather system information by increasing complexity and reducing its signatures. We use concepts from systems and control literature to design an optimal and efficient multi-stage defense mechanism based on a feedback information structure. The change of attack surface involves a reconfiguration cost and a utility gain resulting from risk reduction. We use information- and control-theoretic tools to provide closed-form optimal randomization strategies. The results are corroborated by a case study and several numerical examples.
AB - The static nature of computer networks allows malicious attackers to easily gather useful information about the network using network scanning and packet sniffing. The employment of secure perimeter firewalls and intrusion detection systems cannot fully protect the network from sophisticated attacks. As an alternative to the expensive and imperfect detection of attacks, it is possible to improve network security by manipulating the attack surface of the network in order to create a moving target defense. In this paper, we introduce a proactive defense scheme that dynamically alters the attack surface of the network to make it difficult for attackers to gather system information by increasing complexity and reducing its signatures. We use concepts from systems and control literature to design an optimal and efficient multi-stage defense mechanism based on a feedback information structure. The change of attack surface involves a reconfiguration cost and a utility gain resulting from risk reduction. We use information- and control-theoretic tools to provide closed-form optimal randomization strategies. The results are corroborated by a case study and several numerical examples.
UR - http://www.scopus.com/inward/record.url?scp=84893401012&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84893401012&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-02786-9_15
DO - 10.1007/978-3-319-02786-9_15
M3 - Conference contribution
AN - SCOPUS:84893401012
SN - 9783319027852
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 246
EP - 263
BT - Decision and Game Theory for Security - 4th International Conference, GameSec 2013, Proceedings
PB - Springer
T2 - 4th International Conference on Decision and Game Theory for Security, GameSec 2013
Y2 - 11 November 2013 through 12 November 2013
ER -
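Worked illustration of the multi-stage, feedback-driven trade-off the abstract describes (reconfiguration cost against the risk reduction from invalidating what the attacker has already mapped). This is an added example for this record, not code from the paper, and the model it solves is an assumption made here: attacker knowledge of the live configuration grows geometrically with each unperturbed stage, the per-stage loss is linear in that knowledge, a reconfiguration has a fixed cost and resets the knowledge, and the defender observes the number of stages since its last move (the feedback signal, e.g. from scan-alert counts). All constants and function names are constructed for the example; the paper's own model and its closed-form randomization strategies are not reproduced.

```python
"""Toy feedback-driven, multi-stage moving-target-defence (MTD) game.

Assumed model for this illustration (constructed for the example; it is not
the model or the closed-form solution from the paper):
* The defender runs one of N_CONFIGS interchangeable configurations (e.g.
  address/port layouts). The cost does not depend on which one is live, only
  on the attacker's knowledge of it.
* s = stages since the last reconfiguration. Each unperturbed stage the
  attacker scans and learns a fraction SCAN_RATE of what it does not yet
  know, so its knowledge is k(s) = 1 - (1 - SCAN_RATE) ** s.
* Expected loss per stage is LOSS * P_EXPLOIT * k(s): the attacker can only
  exploit what it has mapped.
* Reconfiguring costs RECONF_COST and invalidates the mapped information
  (s resets; the attacker starts that stage blind).
* Feedback information structure: the defender observes s before each
  decision (e.g. via scan-alert counts), so the policy is a function of (t, s).
"""
import random

# Constructed parameters, not taken from the paper.
N_CONFIGS = 4
SCAN_RATE = 0.35
P_EXPLOIT = 0.8
LOSS = 10.0
RECONF_COST = 7.5
HORIZON = 12
S_MAX = HORIZON          # beyond this the attacker's knowledge is saturated; clamp s


def knowledge(s: int) -> float:
    """Attacker's knowledge of the live configuration after s unperturbed stages."""
    return 1.0 - (1.0 - SCAN_RATE) ** s


def stage_loss(s: int) -> float:
    """Expected loss in one stage fought with attacker knowledge knowledge(s)."""
    return LOSS * P_EXPLOIT * knowledge(s)


def solve(horizon: int = HORIZON):
    """Backward induction over the finite-horizon game.

    value[t][s] is the minimal expected cost-to-go from stage t in state s,
    policy[t][s] the optimal action there ("stay" or "switch").
    """
    value = [[0.0] * (S_MAX + 1) for _ in range(horizon + 1)]   # value[horizon] = 0
    policy = [["stay"] * (S_MAX + 1) for _ in range(horizon)]
    for t in range(horizon - 1, -1, -1):
        for s in range(S_MAX + 1):
            stay = stage_loss(s) + value[t + 1][min(s + 1, S_MAX)]
            switch = RECONF_COST + stage_loss(0) + value[t + 1][1]
            if switch < stay:              # ties resolve to "stay": no pointless churn
                value[t][s], policy[t][s] = switch, "switch"
            else:
                value[t][s], policy[t][s] = stay, "stay"
    return value, policy


def next_config(current: int, rng: random.Random) -> int:
    """Randomised reconfiguration: draw uniformly among the *other* layouts so
    the attacker cannot predict where the surface moves next."""
    return rng.choice([c for c in range(N_CONFIGS) if c != current])


def run(policy_fn, horizon: int = HORIZON, s0: int = 0, seed: int = 0):
    """Play the game from state s0 under policy_fn(t, s).

    Returns (total expected cost, actions per stage, live configuration per stage).
    """
    rng = random.Random(seed)
    s, cfg, total, actions, configs = s0, 0, 0.0, [], []
    for t in range(horizon):
        action = policy_fn(t, s)
        if action == "switch":
            cfg = next_config(cfg, rng)
            total += RECONF_COST + stage_loss(0)
            s = 1                          # attacker gets one scan against the new layout
        else:
            total += stage_loss(s)
            s = min(s + 1, S_MAX)
        actions.append(action)
        configs.append(cfg)
    return total, actions, configs


def static_policy(t, s):
    """Never move: the classic static network."""
    return "stay"


def periodic_policy(period: int):
    """Open-loop baseline: reconfigure every `period` stages, blind to s."""
    return lambda t, s: "switch" if t > 0 and t % period == 0 else "stay"


def feedback_policy(policy):
    """Closed-loop policy from solve(): reacts to the observed state s."""
    return lambda t, s: policy[t][min(s, S_MAX)]


def compare(s0: int = 0):
    """Total expected cost over HORIZON stages for each policy from state s0."""
    _, policy = solve()
    return {"static": run(static_policy, s0=s0)[0],
            "periodic(3)": run(periodic_policy(3), s0=s0)[0],
            "feedback": run(feedback_policy(policy), s0=s0)[0]}


if __name__ == "__main__":
    _, policy = solve()
    print("optimal action per (stage t, stages since last move s): S = switch, . = stay")
    for t, row in enumerate(policy):
        print(f"t={t:2d}  " + " ".join("S" if a == "switch" else "." for a in row))
    for s0 in (0, 4):   # s0=4: the attacker had already mapped the network before stage 0
        print(f"s0={s0}: {compare(s0)}")
```

Two things to look at in the output. First, the optimal policy is a threshold in s that moves toward "stay" in the last stages, because a reconfiguration late in the game buys risk reduction over fewer remaining stages than it costs; an open-loop periodic schedule cannot see that. Second, starting from s0=4 (the attacker has already done reconnaissance) the feedback policy reconfigures immediately, while the periodic baseline keeps running the mapped configuration for three more stages. In this toy model the cost is the same whichever configuration is chosen, so the randomization in `next_config` only serves unpredictability; the paper's randomization strategies arise from a different, game-theoretic model and are not what this example computes.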