Online algorithms for adaptive cyber defense on Bayesian attack graphs

Zhisheng Hu, Minghui Zhu, Peng Liu

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

19 Scopus citations

Abstract

Emerging zero-day vulnerabilities in information and communications technology systems make cyber defenses very challenging. In particular, the defender faces uncertainties of, e.g., system states and the locations and the impacts of vulnerabilities. In this paper, we study the defense problem on a computer network that is modeled as a partially observable Markov decision process on a Bayesian attack graph. We propose online algorithms which allow the defender to identify effective defense policies when utility functions are unknown a priori. The algorithm performance is verified via numerical simulations based on real-world attacks.

Original language: English (US)
Title of host publication: MTD 2017 - Proceedings of the 2017 Workshop on Moving Target Defense, co-located with CCS 2017
Publisher: Association for Computing Machinery, Inc
Pages: 99-109
Number of pages: 11
ISBN (Electronic): 9781450351768
State: Published - Oct 30 2017
Event: 4th ACM Workshop on Moving Target Defense, MTD 2017 - Dallas, United States
Duration: Oct 30 2017 → …

Publication series

Name: MTD 2017 - Proceedings of the 2017 Workshop on Moving Target Defense, co-located with CCS 2017
Volume: 2017-January

Other

Other: 4th ACM Workshop on Moving Target Defense, MTD 2017
Country/Territory: United States
City: Dallas
Period: 10/30/17 → …

All Science Journal Classification (ASJC) codes

  • Control and Systems Engineering
  • Computer Science Applications
  • Computer Networks and Communications
