Modeling And Simulation Of Cooperation And Learning In Cyber Security Defense Teams
Abstract
Cyber security analysts may be organized in teams to share skills and support each other when cyber attacks occur. Teamwork is expected to reinforce the mitigation capability against unpredictable attacks directed at a set of cyber assets requiring protection. A conceptual model is proposed for evaluating the expected performance of cooperating analysts by reproducing their learning process within a team. Analytical approaches to solve the underlying state-space model under stochastic evolution and discrete-event simulation are both discussed. The basic assumption is that a set of regeneration points corresponds to skill achievement through learning. A Simulation-based Optimization (SO) tool ranging from the inner level modeling of the cooperation-based learning process to the outer assignment of analysts to assets is then presented. Team formation may be supported by the SO tool for obtaining the team composition, in terms of individuals and skills, that maximizes system performance measures. Numerical results are reported for illustrative purposes.
Similar resources
Application of Stochastic Optimal Control, Game Theory and Information Fusion for Cyber Defense Modelling
The present paper addresses an effective cyber defense model by applying information fusion based game theoretical approaches. In the present paper, we are trying to improve previous models by applying stochastic optimal control and robust optimization techniques. Jump processes are applied to model different and complex situations in cyber games. Applying jump processes we propose some m...
Adaptive Attacker Strategy Development Against Moving Target Cyber Defenses
A model of strategy formulation is used to study how an adaptive attacker learns to overcome a moving target cyber defense. The attacker-defender interaction is modeled as a game in which a defender deploys a temporal platform migration defense. Against this defense, a population of attackers develop strategies specifying the temporal ordering of resource investments that bring targeted zero-da...
Agent-based Modeling and Simulation of Cyber-warfare between Malefactors and Security Agents in Internet
The paper considers an approach to modeling and simulation of cyber-wars in Internet between the teams of software agents. Each team is a community of agents cloned on various network hosts. The approach is considered by an example of modeling and simulation of “Distributed Denial of Service” (DDoS) attacks and protection against them. Agents of different teams compete to reach antagonistic int...
Agent-based Modeling and Simulation of Botnets and Botnet Defense
Nowadays we are witnesses of the rapid spread of botnets across the Internet and using them for different cyber attacks against our systems. Botnets join a huge number of compromised computers in the Internet and allow using these computers for performing vulnerability scans, distributed denial-of-service (DDoS) attacks and sending enormous amounts of spam emails. It is a very complex task to ...
Coordination and Cooperation in Cyber Network Defense: the Dutch Efforts to Prevent and Respond
Effective Computer Network Defense requires close cooperation and collaboration between government and industry, science and education, national and international efforts. The Netherlands offers a concrete example of a successful public-private partnership aimed at improving overall cyber security for its society in general, including government, industry, and citizens. This requires more that ...