Abstract
The purpose of this chapter is to introduce cyber security researchers to key concepts in modern control and game theory that are relevant to Moving Target Defenses and Adaptive Cyber Defense. We begin by observing that there are fundamental differences between control models and game models that are important for security practitioners to understand. Those differences will be illustrated through simple but realistic cyber operations scenarios, especially with respect to the types and amounts of data required for modeling. In addition to modeling differences, there are a variety of ways to think about what constitutes a “solution.” Moreover, there are significant differences in the computational and information requirements to compute solutions for various types of Adaptive Cyber Defense problems. This material is presented in the context of the advances documented in this book, the various chapters of which describe advances made in the 2012 ARO ACD MURI.
Acknowledgements and Disclaimer
The work presented in this book was supported by the Army Research Office under grant W911NF-13-1-0421. The authors of this book and other participants in the Adaptive Cyber Defense project are grateful for the direction and support of Dr. Clifford Wang (U.S. Army Research Office).
The views and opinions expressed in this book are those of the authors and do not necessarily reflect the official policy or position of any agency of the U.S. Government.
© 2019 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Cybenko, G., Wellman, M., Liu, P., Zhu, M. (2019). Overview of Control and Game Theory in Adaptive Cyber Defenses. In: Jajodia, S., Cybenko, G., Liu, P., Wang, C., Wellman, M. (eds) Adversarial and Uncertain Reasoning for Adaptive Cyber Defense. Lecture Notes in Computer Science, vol 11830. Springer, Cham. https://doi.org/10.1007/978-3-030-30719-6_1
DOI: https://doi.org/10.1007/978-3-030-30719-6_1
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-30718-9
Online ISBN: 978-3-030-30719-6
eBook Packages: Computer Science (R0)