From Cyber Situational Awareness to Adaptive Cyber Defense: Leveling the Cyber Playing Field

  • Chapter
  • 1950 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11170))

Abstract

In the cyber security landscape, the asymmetric relationship between defender and attacker tends to favor the attacker: while the defender needs to protect a system against all possible ways of breaching it, the attacker needs to identify and exploit only one vulnerable entry point in order to succeed. In this chapter, we show how we can effectively reverse such intrinsic asymmetry in favor of the defender by concurrently pursuing two complementary objectives: increasing the defender’s understanding of multiple facets of the cyber landscape – referred to as Cyber Situational Awareness (CSA) – and creating uncertainty for the attacker through Moving Target Defense (MTD) or Adaptive Cyber Defense (ACD) techniques. This chapter provides a brief overview of contributions in these areas, and discusses future research directions.



Acknowledgement

This work was partially supported by the Army Research Office under grants W911NF-09-1-0525 and W911NF-13-1-0421.

Corresponding author

Correspondence to Massimiliano Albanese.

Copyright information

© 2018 Springer Nature Switzerland AG

About this chapter

Cite this chapter

Albanese, M. (2018). From Cyber Situational Awareness to Adaptive Cyber Defense: Leveling the Cyber Playing Field. In: Samarati, P., Ray, I., Ray, I. (eds) From Database to Cyber Security. Lecture Notes in Computer Science, vol 11170. Springer, Cham. https://doi.org/10.1007/978-3-030-04834-1_1

  • DOI: https://doi.org/10.1007/978-3-030-04834-1_1

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-04833-4

  • Online ISBN: 978-3-030-04834-1
