Optimally Selecting the Timing of Zero-Day Attack via Spatial Evolutionary Game

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 10393)

Abstract

Zero-day attacks pose a serious threat to government agencies and companies. To better protect internet infrastructure, it is very important for defenders to analyze the behavior of attackers who exploit zero-day vulnerabilities and to predict their attack timing. For attackers, deciding when to exploit a zero-day vulnerability involves a tough tradeoff between profit and risk: if they exploit too soon, they may get limited profits; if too late, they face a higher risk of being found before the attack. To help defenders make a better prediction, this paper computes the optimal timing from the perspective of attackers. We use an evolutionary game to estimate the risk of being found and then choose the optimal timing based on the risk and profit. In detail, we design a learning strategy to deal with individual differences among multiple attackers, and use spatial structure to model the evolutionary process. The experimental results show the efficiency of this approach.

This work was supported by the National Key R&D Program of China (No. 2016YFB0800702), and NSFC General Projects (No. 61672515).


Notes

  1. http://www.cert.org.cn/publish/main/upload/File/2016CNVDannual1.pdf.

  2. http://thehackernews.com/2016/03/bank-hacking-malware.html.

  3. Baidu is the predominant search engine in China.


Author information

Corresponding author

Correspondence to Yunchuan Guo.

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Sun, Y., Yin, L., Guo, Y., Li, F., Fang, B. (2017). Optimally Selecting the Timing of Zero-Day Attack via Spatial Evolutionary Game. In: Ibrahim, S., Choo, KK., Yan, Z., Pedrycz, W. (eds) Algorithms and Architectures for Parallel Processing. ICA3PP 2017. Lecture Notes in Computer Science, vol 10393. Springer, Cham. https://doi.org/10.1007/978-3-319-65482-9_21

  • DOI: https://doi.org/10.1007/978-3-319-65482-9_21

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-65481-2

  • Online ISBN: 978-3-319-65482-9

  • eBook Packages: Computer Science (R0)
