Simulation-based optimization of information security controls: an adversary-centric approach
Elmar Kiesling, Andreas Ekelhart, Bernhard Grill, Christine Strauss, Christian Stummer
- 08 Dec 2013
- pp 2054-2065
TL;DR: This paper introduces a novel simulation-optimization method that combines rich conceptual modeling of security knowledge with discrete event simulation and metaheuristic optimization techniques, and that optimizes the modeled system's ability to detect ongoing attacks and prevent their successful execution.
Abstract: Today, information systems are threatened not only by the opportunistic exploitation of particular technical weaknesses, but increasingly by targeted attacks that combine multiple vectors to achieve the attacker's objectives. Given the complexities involved, identifying the most appropriate measures to counteract the latter threats is highly challenging. In this paper, we introduce a novel simulation-optimization method that tackles this problem. It combines rich conceptual modeling of security knowledge with discrete event simulation and metaheuristic optimization techniques. By simulating attacks, the method infers possible routes of attack and identifies emergent weaknesses while accounting for adversaries' heterogeneous objectives, capabilities, and available modes of entry. The optimization iteratively adapts the system model by means of a genetic algorithm and optimizes its ability to detect ongoing attacks and prevent their successful execution. We describe a prototypical implementation and illustrate its application by means of scenarios for five types of adversaries.
Citations
Quantifying the mission impact of network-level cyber defensive mitigations
Neal Wagner, Cem Safak Sahin, M. L. Winterrose, James F. Riordan, Diana Hanson, Jaime Pena, William W. Streilein
TL;DR: This paper examines network-level cyber defensive mitigations, quantifies their impact on network security and mission performance, and introduces a novel, unified metric for mitigation effectiveness that takes both of these perspectives into account and provides a single measurement that is convenient and easily accessible to security practitioners.
Agent-based simulation for assessing network security risk due to unauthorized hardware
Neal Wagner, Richard P. Lippmann, M. L. Winterrose, James F. Riordan, Tamara Yu, William W. Streilein
- 12 Apr 2015
TL;DR: A prototype simulation system for network risk assessment that is intended for use by administrators to simulate and evaluate varying network environments and attacker/defender scenarios with respect to authorized and unauthorized hardware.
Selecting security control portfolios: a multi-objective simulation-optimization approach
Elmar Kiesling, Andreas Ekelhart, Bernhard Grill, Christine Strauss, Christian Stummer
- 20 Apr 2016
TL;DR: The decision support methodology introduced in this paper combines conceptual modeling of security knowledge with a simulation-based optimization that hardens a modeled infrastructure against simulated attacks, and provides a decision support component for selecting from efficient combinations of security controls.
Agent-based simulation in support of moving target cyber defense technology development and evaluation
Ben Priest, Era Vuksani, Neal Wagner, Brady Tello, Kevin M. Carter, William W. Streilein
- 12 Apr 2015
TL;DR: The proposed agent-based simulation system (ABS) is intended to evaluate candidate MT techniques and provide important and cost-effective support for the overall MT technology development and testing process.
References
A fast and elitist multiobjective genetic algorithm: NSGA-II
TL;DR: This paper suggests a non-dominated sorting-based MOEA, called NSGA-II (Non-dominated Sorting Genetic Algorithm II), which alleviates all of the above three difficulties, and modifies the definition of dominance in order to solve constrained multi-objective problems efficiently.
A note on two problems in connexion with graphs
TL;DR: A tree is a graph with one and only one path between every two nodes, where at least one path exists between any two nodes and the length of each branch is given.
SPEA2: Improving the strength pareto evolutionary algorithm
Eckart Zitzler, Marco Laumanns, Lothar Thiele
- 01 Jan 2001
TL;DR: An improved version of SPEA, namely SPEA2, is proposed, which incorporates, in contrast to its predecessor, a fine-grained fitness assignment strategy, a density estimation technique, and an enhanced archive truncation method.
Book
Secrets and Lies: Digital Security in a Networked World
Bruce Schneier
- 01 Jan 2000
TL;DR: This book argues that modern systems have so many components and connections (some of them not even known by the systems' designers, implementers, or users) that insecurities always remain, and that the world was full of bad security systems designed by people who read Applied Cryptography.
Scalable, graph-based network vulnerability analysis
Paul Ammann, Duminda Wijesekera, Saket Kaushik
- 18 Nov 2002
TL;DR: This paper revisits the idea of attack graphs themselves, and argues that they represent more information explicitly than is necessary for the analyst, and proposes a more compact and scalable representation.