A Stochastic Model of Active Cyber Defense Dynamics
The concept of active cyber defense has been proposed for years. However,
there are no mathematical models for characterizing the effectiveness of active
cyber defense. In this paper, we fill the void by proposing a novel Markov
process model that is native to the interaction between cyber attack and active
cyber defense. Unfortunately, the native Markov process model cannot be tackled
by the techniques we are aware of. We therefore simplify, via mean-field
approximation, the Markov process model as a Dynamic System model that is
amenable to analysis. This allows us to derive a set of valuable analytical
results that characterize the effectiveness of four types of active cyber
defense dynamics. Simulations show that the analytical results are inherent to
the native Markov process model, and therefore justify the validity of the
Dynamic System model. We also discuss the side-effect of the mean-field
approximation and its implications.
Active Cyber Defense Dynamics Exhibiting Rich Phenomena
The Internet is a man-made complex system under constant attacks (e.g.,
Advanced Persistent Threats and malware). It is therefore important to
understand the phenomena that can be induced by the interaction between cyber
attacks and cyber defenses. In this paper, we explore the rich phenomena that
can be exhibited when the defender employs active defense to combat cyber
attacks. To the best of our knowledge, this is the first study that shows that
active cyber defense dynamics (or more generally, cybersecurity
dynamics) can exhibit the bifurcation and chaos phenomena. This has profound
implications for cyber security measurement and prediction: (i) it is
infeasible (or even impossible) to accurately measure and predict cyber
security under certain circumstances; (ii) the defender must manipulate the
dynamics to avoid such unmanageable situations in real-life defense
operations.
Comment: Proceedings of 2015 Symposium on the Science of Security (HotSoS'15
- …