Defend against advanced persistent threats: An optimal control approach
Authors
Abstract
The new cyber attack pattern of advanced persistent threats (APTs) poses a serious threat to cyberspace. This paper addresses the issue of defending against APTs in a cost-effective way. First, the APT-based cyber attack-defense processes are modeled as a type of differential dynamical systems. Then, the cyber defense problem is modeled as an optimal control problem. The optimal control problem is shown to have an optimal control, and the optimality system for the problem is presented. Therefore, a cost-effective cyber defense strategy can be figured out by solving the optimality system. Finally, the influences of some factors, including the bounds on the admissible controls and the network topology, on the cost-effective defense strategies are examined. To our knowledge, this is the first time the APT-based cyber defense problem is treated this way.
Similar sources
Privacy Preserving Architectures for Collaborative Intrusion Detection
Collaboration among multiple organizations is imperative for contemporary intrusion detection. As modern threats become more sophisticated, it is difficult for organizations to defend themselves with threat context local to their own networks alone. The availability of global threat intelligence is a must for organizations to defend against modern advanced persistent threats (APTs). In order to benefit from such glo...
Towards an Operational Semantic Theory of Cyber Defense Against Advanced Persistent Threats
This paper presents current work on developing an operational semantic theory of cyber defense against advanced persistent threats (APTs), which is grounded in cyber threat analytics, science of evidence, knowledge engineering, and machine learning. After introducing advanced persistent threats, it overviews a systematic APT detection framework and the corresponding APT detection models, the fo...
MLDS: Multi-Layer Defense System for Preventing Advanced Persistent Threats
Here we report on the issue of Advanced Persistent Threats (APT), which use malware for the purpose of leaking the data of large corporations and government agencies. APT attacks target systems continuously by utilizing intelligent and complex technologies. To overthrow the elaborate security network of target systems, it conducts an attack after undergoing a pre-reconnaissance phase. An APT at...
Anomaly Detection in Log Data using Graph Databases and Machine Learning to Defend Advanced Persistent Threats
Advanced Persistent Threats (APTs) are a main threat to the cyber security of computer networks. In 2015, a successful breach remained undetected for 146 days on average, as reported by [Fi16]. With our work we demonstrate a feasible and fast way to analyse real-world log data to detect breaches or breach attempts. By adapting well-known kill chain mechanisms and a combination of a time series database and...
Journal title:
- CoRR
Volume abs/1709.02891, Issue
Pages -
Publication date 2017