Publications
Balancing security and performance for agility in dynamic threat environments
June 28, 2016
Conference Paper
Published in:
46th IEEE/IFIP Int. Conf. on Dependable Systems and Networks, DSN 2016, 28 June - 1 July 2016.
Topic:
R&D area:
R&D group:
Summary
In cyber security, achieving the desired balance between system security and system performance in dynamic threat environments is a long-standing open challenge for cyber defenders. Typically an increase in system security comes at the price of decreased system performance, and vice versa, easily resulting in systems that are misaligned to operator specified requirements for system security and performance as the threat environment evolves. We develop an online, reinforcement learning based methodology to automatically discover and maintain desired operating postures in security-performance space even as the threat environment changes. We demonstrate the utility of our approach and discover parameters enabling an agile response to a dynamic adversary in a simulated security game involving prototype cyber moving target defenses.
Summary
In cyber security, achieving the desired balance between system security and system performance in dynamic threat environments is a long-standing open challenge for cyber defenders. Typically an increase in system security comes at the price of decreased system performance, and vice versa, easily resulting in systems that are misaligned to...
READ MORE
Simulation based evaluation of a code diversification strategy
July 21, 2015
Conference Paper
Published in:
5th Int. Conf. on Simulation and Modeling Methodologies, Technologies, and Applications, SIMULTECH 2015, 21-23 July 2015.
Topic:
R&D area:
R&D group:
Summary
Periodic randomization of a computer program's binary code is an attractive technique for defending against several classes of advanced threats. In this paper we describe a model of attacker-defender interaction in which the defender employs such a technique against an attacker who is actively constructing an exploit using Return Oriented Programming (ROP). In order to successfully build a working exploit, the attacker must guess the locations of several small chunks of program code (i.e., gadgets) in the defended program's memory space. As the attacker continually guesses, the defender periodically rotates to a newly randomized variant of the program, effectively negating any gains the attacker made since the last rotation. Although randomization makes the attacker's task more difficult, it also incurs a cost to the defender. As such, the defender's goal is to find an acceptable balance between utility degradation (cost) and security (benefit). One way to measure these two competing factors is the total task latency introduced by both the attacker and any defensive measures taken to thwart him. We simulated a number of diversity strategies under various threat scenarios and present the measured impact on the defender's task.
Summary
Periodic randomization of a computer program's binary code is an attractive technique for defending against several classes of advanced threats. In this paper we describe a model of attacker-defender interaction in which the defender employs such a technique against an attacker who is actively constructing an exploit using Return Oriented...
READ MORE
Agent-based simulation for assessing network security risk due to unauthorized hardware
April 12, 2015
Conference Paper
Published in:
SpringSim 2015: Spring Simulation Multiconference, 12-15 April 2015.
Topic:
R&D area:
R&D group:
Summary
Computer networks are present throughout all sectors of our critical infrastructure and these networks are under a constant threat of cyber attack. One prevalent computer network threat takes advantage of unauthorized, and thus insecure, hardware on a network. This paper presents a prototype simulation system for network risk assessment that is intended for use by administrators to simulate and evaluate varying network environments and attacker/defender scenarios with respect to authorized and unauthorized hardware. The system is built on the agent-based modeling paradigm and captures emergent system dynamics that result from the interactions of multiple network agents including regular and administrator users, attackers, and defenders in a network environment. The agent-based system produces both metrics and visualizations that provide insights into network security risk and serve to guide the search for efficient policies and controls to protect a network from attacks related to unauthorized hardware. The simulation model is unique in the current literature both for its network threat model and its visualized agent-based approach. We demonstrate the model via a case study that evaluates risk for several candidate security policies on a representative computer network.
Summary
Computer networks are present throughout all sectors of our critical infrastructure and these networks are under a constant threat of cyber attack. One prevalent computer network threat takes advantage of unauthorized, and thus insecure, hardware on a network. This paper presents a prototype simulation system for network risk assessment that...
READ MORE
Adaptive attacker strategy development against moving target cyber defenses
May 1, 2014
Journal Article
Published in:
Proc. MODSIM World, May 2014.
Topic:
R&D group:
Summary
A model of strategy formulation is used to study how an adaptive attacker learns to overcome a moving target cyber defense. The attacker-defender interaction is modeled as a game in which a defender deploys a temporal platform migration defense. Against this defense, a population of attackers develop strategies specifying the temporal ordering of resource investments that bring targeted zero-day exploits into existence. Attacker response to two defender temporal platform migration scheduling policies are examined. In the first defender scheduling policy, the defender selects the active platform in each match uniformly at random from a pool of available platforms. In the second policy the defender schedules each successive platform to maximize the diversity of the source code presented to the attacker. Adaptive attacker response strategies are modeled by finite state machine (FSM) constructs that evolve during simulated play against defender strategies via an evolutionary algorithm. It is demonstrated that the attacker learns to invest heavily in exploit creation for the platform with the least similarity to other platforms when faced with a diversity defense, while avoiding investment in exploits for this least similar platform when facing a randomization defense. Additionally, it is demonstrated that the diversity-maximizing defense is superior for shorter duration attacker-defender engagements, but performs sub-optimally in extended attacker-defender interactions.
Summary
A model of strategy formulation is used to study how an adaptive attacker learns to overcome a moving target cyber defense. The attacker-defender interaction is modeled as a game in which a defender deploys a temporal platform migration defense. Against this defense, a population of attackers develop strategies specifying the...
READ MORE
Strategic evolution of adversaries against temporal platform diversity active cyber defenses
April 13, 2014
Conference Paper
Published in:
2014 Spring Simulation Multi-Confernece, SpringSim 2014, 13-16 April 2014.
Topic:
R&D area:
R&D group:
Summary
Adversarial dynamics are a critical facet within the cyber security domain, in which there exists a co-evolution between attackers and defenders in any given threat scenario. While defenders leverage capabilities to minimize the potential impact of an attack, the adversary is simultaneously developing countermeasures to the observed defenses. In this study, we develop a set of tools to model the adaptive strategy formulation of an intelligent actor against an active cyber defensive system. We encode strategies as binary chromosomes representing finite state machines that evolve according to Holland's genetic algorithm. We study the strategic considerations including overall actor reward balanced against the complexity of the determined strategies. We present a series of simulation results demonstrating the ability to automatically search a large strategy space for optimal resultant fitness against a variety of counter-strategies.
Summary
Adversarial dynamics are a critical facet within the cyber security domain, in which there exists a co-evolution between attackers and defenders in any given threat scenario. While defenders leverage capabilities to minimize the potential impact of an attack, the adversary is simultaneously developing countermeasures to the observed defenses. In this...
READ MORE