Optimal Network Security Hardening Using Attack Graph Games
Authors
Abstract
Preventing attacks in a computer network is the core problem in network security. We introduce a new game-theoretic model of the interaction between a network administrator who uses limited resources to harden a network and an attacker who follows a multistage plan to attack the network. The possible plans of the attacker are compactly represented using attack graphs, while the defender adds fake targets (honeypots) to the network to deceive the attacker. The compact representation of the attacker’s strategies presents a computational challenge, and finding the best response of the attacker is NP-hard. We present a solution method that first translates an attack graph into an MDP and solves it using policy search with a set of pruning techniques. We present an empirical evaluation of the model and solution algorithms, evaluating scalability, the types of solutions that are generated for realistic cases, and sensitivity analysis.
Similar resources
Game-Theoretic Algorithms for Optimal Network Security Hardening Using Attack Graphs
In network security hardening a network administrator may need to use limited resources (such as honeypots) to harden a network against possible attacks. Attack graphs are a common formal model used to represent possible attacks. However, most existing works on attack graphs do not consider the reactions of attackers to different defender strategies. We introduce a game-theoretic model of the j...
Characterizing and Aggregating Attack Graph-based Security Metrics
Idika, Nwokedi C. Ph.D., Purdue University, August, 2010. Characterizing and Aggregating Attack Graph-based Security Metrics. Major Professor: Bharat K. Bhargava. An attack graph is an abstraction that represents the ways an attacker can violate a security policy by leveraging interdependencies among discovered vulnerabilities. Attack graph analyses that extract security-relevant information fr...
Approximate Solutions for Attack Graph Games with Imperfect Information
We study the problem of network security hardening, in which a network administrator decides what security measures to use to best improve the security of the network. Specifically, we focus on deploying decoy services or hosts called honeypots. We model the problem as a general-sum extensive-form game with imperfect information and seek a solution in the form of Stackelberg Equilibrium. The de...
Attack Graph Based Security Metrics: State of the Art
In this paper, we discussed the development of Attack Graph-Based Security Metrics that will be used to evaluate the security of a network. Attack Graph-Based Security Metrics were recently used simultaneously to form Multiple Attack Graph-Based Security Metrics. Furthermore, Multiple Attack Graph-Based Security Metrics were used to evaluate the two networks so it can be inferred which network is ...
Efficient Minimum-Cost Network Hardening Via Exploit Dependency Graphs
In-depth analysis of network security vulnerability must consider attacker exploits not just in isolation, but also in combination. The general approach to this problem is to compute attack paths (combinations of exploits), from which one can decide whether a given set of network hardening measures guarantees the safety of given critical resources. We go beyond attack paths to compute actual se...