Game-theoretic approach to feedback-driven multi-stage moving target defense

Quanyan Zhu, Tamer Basa̧r

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The static nature of computer networks allows malicious attackers to easily gather useful information about the network using network scanning and packet sniffing. The employment of secure perimeter firewalls and intrusion detection systems cannot fully protect the network from sophisticated attacks. As an alternative to the expensive and imperfect detection of attacks, it is possible to improve network security by manipulating the attack surface of the network in order to create a moving target defense. In this paper, we introduce a proactive defense scheme that dynamically alters the attack surface of the network to make it difficult for attackers to gather system information by increasing complexity and reducing its signatures. We use concepts from systems and control literature to design an optimal and efficient multi-stage defense mechanism based on a feedback information structure. The change of attack surface involves a reconfiguration cost and a utility gain resulting from risk reduction. We use information- and control-theoretic tools to provide closed-form optimal randomization strategies. The results are corroborated by a case study and several numerical examples.

Original languageEnglish (US)
Title of host publicationDecision and Game Theory for Security - 4th International Conference, GameSec 2013, Proceedings
PublisherSpringer
Pages246-263
Number of pages18
ISBN (Print)9783319027852
DOIs
StatePublished - 2013
Event4th International Conference on Decision and Game Theory for Security, GameSec 2013 - Fort Worth, TX, United States
Duration: Nov 11 2013Nov 12 2013

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume8252 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other4th International Conference on Decision and Game Theory for Security, GameSec 2013
Country/TerritoryUnited States
CityFort Worth, TX
Period11/11/1311/12/13

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'Game-theoretic approach to feedback-driven multi-stage moving target defense'. Together they form a unique fingerprint.

Cite this