Related papers: Optimizing Active Cyber Defense
In the contemporary digital landscape, cybersecurity has become a critical issue due to the increasing frequency and sophistication of cyber attacks. This study utilizes a non-zero-sum game theoretical framework to model the strategic…
An analytical approach for a dynamic cyber-security problem that captures progressive attacks to a computer network is presented. We formulate the dynamic security problem from the defender's point of view as a supervisory control problem…
In this paper, we analyze the infection spreading dynamics of malware in a population of cyber nodes (i.e., computers or devices). Unlike most prior studies where nodes are reactive to infections, in our setting some nodes are active…
Active cyber defenses based on temporal platform diversity have been proposed as way to make systems more resistant to attacks. These defenses change the properties of the platforms in order to make attacks more complicated. Unfortunately,…
Cyber risk has become a critical financial threat in today's interconnected digital economy. This paper introduces a cyber-risk management framework for networked digital systems that combines the strategic behavior of players with…
Internet users such as individuals and organizations are subject to different types of epidemic risks such as worms, viruses, spams, and botnets. To reduce the probability of risk, an Internet user generally invests in traditional security…
A model of strategy formulation is used to study how an adaptive attacker learns to overcome a moving target cyber defense. The attacker-defender interaction is modeled as a game in which a defender deploys a temporal platform migration…
This paper studies the problem of defending (1D and 2D) boundaries against a large number of continuous attacks with a heterogeneous group of defenders. The defender team has perfect information of the attack events within some time (finite…
This paper proposes a game-theoretic method to address the problem of optimal detector placement in a networked control system under cyber-attacks. The networked control system is composed of interconnected agents where each agent is…
Adversarial dynamics are a critical facet within the cyber security domain, in which there exists a co-evolution between attackers and defenders in any given threat scenario. While defenders leverage capabilities to minimize the potential…
Advanced persistent threats (APTs) are stealthy attacks which make use of social engineering and deception to give adversaries insider access to networked systems. Against APTs, active defense technologies aim to create and exploit…
The new cyber attack pattern of advanced persistent threat (APT) has posed a serious threat to modern society. This paper addresses the APT defense problem, i.e., the problem of how to effectively defend against an APT campaign. Based on a…
In this paper, we propose a game-theoretical framework to investigate advanced persistent threat problems with two types of insider threats: malicious and inadvertent. Within this framework, a unified three-player game is established and…
In cybersecurity, attackers range from brash, unsophisticated script kiddies and cybercriminals to stealthy, patient advanced persistent threats. When modeling these attackers, we can observe that they demonstrate different risk-seeking and…
The internet landscape is growing and at the same time becoming more heterogeneous. Services are performed via computers and networks, critical data is stored digitally. This enables freedom for the user, and flexibility for operators. Data…
Advanced Persistent Threats (APTs) have recently emerged as a significant security challenge for a cyber-physical system due to their stealthy, dynamic and adaptive nature. Proactive dynamic defenses provide a strategic and holistic…
We investigate the scale of attack and defense mathematically in the context of AI's possible effect on cybersecurity. For a given target today, highly scaled cyber attacks such as from worms or botnets typically all fail or all succeed.…
We explore an optimal impulse control problem wherein an electronic device owner strategically calibrates protection levels against cyber attacks. Utilizing epidemiological compartment models, we qualitatively characterize the dynamics of…
We consider the problem of a dynamical network whose dynamics is subject to external perturbations (`attacks') locally applied at a subset of the network nodes. We assume that the network has an ability to defend itself against attacks with…
Nowadays, considering the speed of the processes and the amount of data used in cyber defense, it cannot be expected to have an effective defense by using only human power without the help of automation systems. However, for the effective…