poster

Game-Theoretic Algorithms for Optimal Network Security Hardening Using Attack Graphs

Authors:

Karel Durkota,

Viliam Lisy,

Christofer Kiekintveld,

Branislav BosanskyAuthors Info & Claims

AAMAS '15: Proceedings of the 2015 International Conference on Autonomous Agents and Multiagent Systems

Pages 1773 - 1774

Published: 04 May 2015 Publication History

Get Access

Abstract

In network security hardening a network administrator may need to use limited resources (such as honeypots) to harden a network against possible attacks. Attack graphs are a common formal model used to represent possible attacks. However, most existing works on attack graphs do not consider the reactions of attackers to different defender strategies. We introduce a game-theoretic model of the joint problem where attacker's strategies are represented using attack graphs, and defender's strategies are represented as modifications of the attack graph. The attack graphs we use allow for sequential attack actions with associated costs and probabilities of success/failure. We present an algorithm for an computing attack policy that maximizes attacker's expected reward and empirical results demonstrating our methods on a case study network.

References

[1]

K. Durkota and V. Lisý. Computing optimal policies for attack graphs with action failures and costs. In STAIRS, pages 101--110, 2014.

Google Scholar

[2]

R. Greiner, R. Hayward, M. Jankowska, and M. Molloy. Finding optimal satisficing strategies for and-or trees. Artificial Intelligence, pages 19--58, 2006.

Digital Library

Google Scholar

[3]

J. Homer, X. Ou, and D. Schmidt. A sound and practical approach to quantifying security risk in enterprise networks. Kansas State University, 2009.

Google Scholar

[4]

S. Noel, S. Jajodia, L. Wang, and A. Singhal. Measuring security risk of networks using attack graphs. International Journal of Next-Generation Computing, 1(1):135--147, 2010.

Google Scholar

[5]

X. Ou, W. F. Boyer, and M. A. McQueen. A scalable approach to attack graph generation. In CCS, pages 336--345, 2006.

Digital Library

Google Scholar

[6]

O. Sheyner, J. Haines, S. Jha, R. Lippmann, and J. Wing. Automated generation and analysis of attack graphs. In IEEE S&P, pages 273--284, 2002.

Digital Library

Google Scholar

[7]

L. Spitzner. Honeypots: tracking hackers. Addison-Wesley Reading, 2003.

Digital Library

Google Scholar

[8]

M. Tambe. Security and Game Theory: Algorithms, Deployed Systems, Lessons Learned. Cambridge University Press, 2011.

Digital Library

Google Scholar

Cited By

View all

Fielder ALi THankin CBrandstetter TJanicke HJones K(2016)Defense-in-depth vs. critical component defense for industrial control systemsProceedings of the 4th International Symposium for ICS & SCADA Cyber Security Research 201610.14236/ewic/ICS2016.1(1-10)Online publication date: 23-Aug-2016
https://dl.acm.org/doi/10.14236/ewic/ICS2016.1

Index Terms

Game-Theoretic Algorithms for Optimal Network Security Hardening Using Attack Graphs
1. Security and privacy
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Recommendations

GTM: Game Theoretic Methodology for optimal cybersecurity defending strategies and investments
ARES '22: Proceedings of the 17th International Conference on Availability, Reliability and Security

Investments on cybersecurity are essential for organizations to protect operational activities, develop trust relationships with clients, and maintain financial stability. A cybersecurity breach can lead to financial losses as well as to damage the ...
Optimal network security hardening using attack graph games
IJCAI'15: Proceedings of the 24th International Conference on Artificial Intelligence

Preventing attacks in a computer network is the core problem in network security. We introduce a new game-theoretic model of the interaction between a network administrator who uses limited resource to harden a network and an attacker who follows a ...
Two Scalable Analyses of Compact Attack Graphs for Defending Network Security
NSWCTC '09: Proceedings of the 2009 International Conference on Networks Security, Wireless Communications and Trusted Computing - Volume 01

The compact attack graphs implicitly reveal the threat of sophisticated multi-step attacks by enumerating possible sequences of exploits leading to the compromising given critical resources in enterprise networks with thousands of hosts. For security ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

AAMAS '15: Proceedings of the 2015 International Conference on Autonomous Agents and Multiagent Systems

May 2015

2072 pages

ISBN:9781450334136

General Chairs:
Gerhard Weiss
Maastricht University, The Netherlands
,
Pınar Yolum
Bogazici University, Turkey
,
Program Chairs:
Rafael H. Bordini
PUCRS, Brazil
,
Edith Elkind
University of Oxford, UK

In-Cooperation

SIGAI: ACM Special Interest Group on Artificial Intelligence

Publisher

International Foundation for Autonomous Agents and Multiagent Systems

Richland, SC

Publication History

Published: 04 May 2015

Check for updates

Author Tags

Qualifiers

Poster

Funding Sources

Sino-Danish Center for the Theory of Interactive Computation
Office of Naval Research Global

Conference

AAMAS'15

Sponsor:

AAMAS'15: International Conference on Autonomous Agents and Multiagent Systems

May 4 - 8, 2015

Istanbul, Turkey

Acceptance Rates

AAMAS '15 Paper Acceptance Rate 108 of 670 submissions, 16%;

Overall Acceptance Rate 1,155 of 5,036 submissions, 23%

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
212
Total Downloads

Downloads (Last 12 months)3
Downloads (Last 6 weeks)0

Reflects downloads up to 30 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Fielder ALi THankin CBrandstetter TJanicke HJones K(2016)Defense-in-depth vs. critical component defense for industrial control systemsProceedings of the 4th International Symposium for ICS & SCADA Cyber Security Research 201610.14236/ewic/ICS2016.1(1-10)Online publication date: 23-Aug-2016
https://dl.acm.org/doi/10.14236/ewic/ICS2016.1

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

GTM: Game Theoretic Methodology for optimal cybersecurity defending strategies and investments

Optimal network security hardening using attack graph games

Two Scalable Analyses of Compact Attack Graphs for Defending Network Security