Overview of Control and Game Theory in Adaptive Cyber Defenses

  • Chapter

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 11830)

Abstract

The purpose of this chapter is to introduce cyber security researchers to key concepts in modern control and game theory that are relevant to Moving Target Defenses and Adaptive Cyber Defense. We begin by observing that there are fundamental differences between control models and game models that are important for security practitioners to understand. Those differences will be illustrated through simple but realistic cyber operations scenarios, especially with respect to the types and amounts of data required for modeling. In addition to modeling differences, there are a variety of ways to think about what constitutes a “solution.” Moreover, there are significant differences in the computational and information requirements to compute solutions for various types of Adaptive Cyber Defense problems. This material is presented in the context of the advances documented in this book, the various chapters of which describe advances made in the 2012 ARO ACD MURI.

Acknowledgements and Disclaimer

The work presented in this book was supported by the Army Research Office under grant W911NF-13-1-0421. The authors of this book and other participants in the Adaptive Cyber Defense project are grateful for the direction and support of Dr. Clifford Wang (U.S. Army Research Office).

The views and opinions expressed in this book are those of the authors and do not necessarily reflect the official policy or position of any agency of the U.S. Government.

Corresponding author

Correspondence to George Cybenko.

Copyright information

© 2019 Springer Nature Switzerland AG

About this chapter

Cite this chapter

Cybenko, G., Wellman, M., Liu, P., Zhu, M. (2019). Overview of Control and Game Theory in Adaptive Cyber Defenses. In: Jajodia, S., Cybenko, G., Liu, P., Wang, C., Wellman, M. (eds) Adversarial and Uncertain Reasoning for Adaptive Cyber Defense. Lecture Notes in Computer Science, vol 11830. Springer, Cham. https://doi.org/10.1007/978-3-030-30719-6_1

  • DOI: https://doi.org/10.1007/978-3-030-30719-6_1

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-30718-9

  • Online ISBN: 978-3-030-30719-6

  • eBook Packages: Computer Science, Computer Science (R0)
