Abstract
We propose a framework for cyber risk assessment and mitigation which models attackers as formal planners and defenders as interdicting such plans. We illustrate the value of plan interdiction problems by first modeling network cyber risk through the use of formal planning, and subsequently formalizing an important question of prioritizing vulnerabilities for patching in the plan interdiction framework. In particular, we show that selectively patching relatively few vulnerabilities allows a network administrator to significantly reduce exposure to cyber risk. More broadly, we have developed a number of scalable approaches for plan interdiction problems, making especially significant advances when attack plans involve uncertainty about system dynamics. However, important open problems remain, including how to effectively capture information asymmetry between the attacker and defender, how to best model dynamics in the attacker-defender interaction, and how to develop scalable algorithms for solving associated plan interdiction games.
Notes
1. The actions in our example are taken from the CAPEC database (http://capec.mitre.org).
Copyright information
© 2020 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Vorobeychik, Y., Pritchard, M. (2020). Plan Interdiction Games. In: Jajodia, S., Cybenko, G., Subrahmanian, V., Swarup, V., Wang, C., Wellman, M. (eds) Adaptive Autonomous Secure Cyber Systems. Springer, Cham. https://doi.org/10.1007/978-3-030-33432-1_8
DOI: https://doi.org/10.1007/978-3-030-33432-1_8
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-33431-4
Online ISBN: 978-3-030-33432-1
eBook Packages: Computer Science (R0)