Work Description

Title: Multi-Stage Attack Graph Security Games: Heuristic Strategies, with Empirical Game-Theoretic Analysis --- Dataset Open Access Deposited

Attribute Value
Methodology
  • Empirical Game-Theoretic Analysis Online
Description
  • In this work , we study the problem of allocating limited security countermeasures to protect network data from cyber-attacks, for scenarios modeled by Bayesian attack graphs. We consider multi-stage interactions between a network administrator and cybercriminals, formulated as a security game. We propose parameterized heuristic strategies for the attacker and defender and provide detailed analysis of their time complexity. Our heuristics exploit the topological structure of attack graphs and employ sampling methods to overcome the computational complexity in predicting opponent actions. Due to the complexity of the game, we employ a simulation-based approach and perform empirical game analysis over an enumerated set of heuristic strategies. Finally, we conduct experiments in various game settings to evaluate the performance of our heuristics in defending networks, in a manner that is robust to uncertainty about the security environment.
Creator
Depositor
  • thanhhng@umich.edu
Contact information
Discipline
Funding agency
  • Department of Defense (DOD)
Other funding agency
  • Department of Defense (DOD)
ORSP grant number
  • W911NF-13-1-0421
Keyword
Citations
  • Nguyen, T. H., Wright, M., Wellman, M. P., & Singh, S. (2017). Multi-stage attack graph security games: Heuristic strategies, with empirical game-theoretic analysis. In MTD 2017 - Proceedings of the 2017 Workshop on Moving Target Defense, co-located with CCS 2017 (Vol. 2017-January, pp. 87-97). Association for Computing Machinery, Inc. https://doi.org/10.1145/3140549.3140562
Resource type
Last modified
  • 07/02/2018
DOI
  • doi:10.7302/Z2F18WX2
CC License

Relationships

Files (Count: 2; Size: 5.62 MB)

Download will include text file of metadata.

Files are ready   Link to Globus download directory
Globus is for large data sets.   What is Globus?