Abstract
A cyber epidemic attack is considered as one effective cyber weapon in cyberspace. Generally speaking, due to the limited attack resource, the adversary needs to adjust their attack strategy timely to maximize the attack profits in the attack process. However, previous studies have not focused on the interaction between the cyber epidemic attack and the adversary’s strategy from the perspective of the dynamics. This paper aims to investigate the relationship between the network security situation and the adversary’s strategy decision with limited attack resources. We propose a new dynamical framework by coupling the adversary’s strategy decision model to the cyber epidemic model. Through numerical results, we find the mutual effects between the network security situation and the adversary’s strategy decision. Specifically, the selective attack strategy can help the adversary accumulate more attack resource compared to the random attack strategy.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Chakrabarti, D., Wang, Y., Wang, C., Leskovec, J., Faloutsos, C.: Epidemic thresholds in real networks. ACM Trans. Inf. Syst. Secur. (TISSEC) 10(4), 1 (2008)
Chen, Q., Bridges, R.A.: Automated behavioral analysis of malware: a case study of wannacry ransomware. In: IEEE International Conference on Machine Learning and Applications, pp. 454–460 (2017)
Horn, R.A., Johnson, C.R.: Matrix Analysis. Cambridge University Press, Cambridge (1990)
Jaszkiewicz, A.: On the performance of multiple-objective genetic local search on the 0/1 knapsack problem - a comparative experiment. IEEE Trans. Evol. Comput. 6(4), 402–412 (2002)
Kephart, J.O., White, S.R.: Directed-graph epidemiological models of computer viruses. In: 1991 IEEE Computer Society Symposium on Research in Security and Privacy, Proceedings, pp. 343–359. IEEE (1991)
Li, P., Yang, X., Xiong, Q., Wen, J., Tang, Y.Y.: Defending against the advanced persistent threat: an optimal control approach. Secur. Commun. Netw. (2018)
Lu, W., Xu, S., Yi, X.: Optimizing active cyber defense. In: Das, S.K., Nita-Rotaru, C., Kantarcioglu, M. (eds.) GameSec 2013. LNCS, vol. 8252, pp. 206–225. Springer, Cham (2013). https://doi.org/10.1007/978-3-319-02786-9_13
Nowzari, C., Preciado, V.M., Pappas, G.J.: Analysis and control of epidemics: a survey of spreading processes on complex networks. IEEE Control. Syst. 36(1), 26–46 (2016)
Pastor-Satorras, R., Castellano, C., Van Mieghem, P., Vespignani, A.: Epidemic processes in complex networks. Rev. Mod. Phys. 87(3), 925 (2015)
Pita, J., John, R., Maheswaran, R., Tambe, M., Kraus, S.: A robust approach to addressing human adversaries in security games. In: Proceedings of the 20th European Conference on Artificial Intelligence, pp. 660–665. IOS Press (2012)
Sood, A.K., Enbody, R.J.: Targeted cyberattacks: a superset of advanced persistent threats. IEEE Secur. Priv. 11(1), 54–61 (2013)
Tversky, A., Kahneman, D.: Advances in prospect theory: cumulative representation of uncertainty. J. Risk Uncertain. 5(4), 297–323 (1992)
Van Mieghem, P., Omic, J., Kooij, R.: Virus spread in networks. IEEE/ACM Trans. Netw. (TON) 17(1), 1–14 (2009)
Wang, W., Tang, M., Eugene, S.H., Braunstein, L.A.: Unification of theoretical approaches for epidemic spreading on complex networks. Rep. Prog. Phys. 80(3), 036603 (2017)
Xu, S.: Cybersecurity dynamics. In: Proceedings of the 2014 Symposium and Bootcamp on the Science of Security, p. 14. ACM (2014)
Xu, S., Lu, W., Xu, L.: Push-and pull-based epidemic spreading in networks: thresholds and deeper insights. ACM Trans. Auton. Adapt. Syst. (TAAS) 7(3), 32 (2012)
Yang, R., Kiekintveld, C., OrdóñEz, F., Tambe, M., John, R.: Improving resource allocation strategies against human adversaries in security games: an extended study. Artif. Intell. 195, 440–469 (2013)
Zheng, R., Lu, W., Xu, S.: Preventive and reactive cyber defense dynamics is globally stable. IEEE Trans. Netw. Sci. Eng. PP(99), 1 (2016)
Acknowledgment
The authors would like to thank the anonymous reviewers for their valuable comments and suggestions. This research was supported by the National Key Research & Development Program of China (Grant No.2016YFB0800102).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Yan, D., Liu, F., Zhang, Y., Jia, K., Zhang, Y. (2018). Characterizing the Optimal Attack Strategy Decision in Cyber Epidemic Attacks with Limited Resources. In: Liu, F., Xu, S., Yung, M. (eds) Science of Cyber Security. SciSec 2018. Lecture Notes in Computer Science(), vol 11287. Springer, Cham. https://doi.org/10.1007/978-3-030-03026-1_5
Download citation
DOI: https://doi.org/10.1007/978-3-030-03026-1_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-03025-4
Online ISBN: 978-3-030-03026-1
eBook Packages: Computer ScienceComputer Science (R0)