2,738 research outputs found
Active Cyber Defense Dynamics Exhibiting Rich Phenomena
The Internet is a man-made complex system under constant attacks (e.g.,
Advanced Persistent Threats and malwares). It is therefore important to
understand the phenomena that can be induced by the interaction between cyber
attacks and cyber defenses. In this paper, we explore the rich phenomena that
can be exhibited when the defender employs active defense to combat cyber
attacks. To the best of our knowledge, this is the first study that shows that
{\em active cyber defense dynamics} (or more generally, {\em cybersecurity
dynamics}) can exhibit the bifurcation and chaos phenomena. This has profound
implications for cyber security measurement and prediction: (i) it is
infeasible (or even impossible) to accurately measure and predict cyber
security under certain circumstances; (ii) the defender must manipulate the
dynamics to avoid such {\em unmanageable situations} in real-life defense
operations.Comment: Proceedings of 2015 Symposium on the Science of Security (HotSoS'15
Distributed interaction between computer virus and patch: A modeling study
The decentralized patch distribution mechanism holds significant promise as
an alternative to its centralized counterpart. For the purpose of accurately
evaluating the performance of the decentralized patch distribution mechanism
and based on the exact SIPS model that accurately captures the average dynamics
of the interaction between viruses and patches, a new virus-patch interacting
model, which is known as the generic SIPS model, is proposed. This model
subsumes the linear SIPS model. The dynamics of the generic SIPS model is
studied comprehensively. In particular, a set of criteria for the final
extinction or/and long-term survival of viruses or/and patches are presented.
Some conditions for the linear SIPS model to accurately capture the average
dynamics of the virus-patch interaction are empirically found. As a
consequence, the linear SIPS model can be adopted as a standard model for
assessing the performance of the distributed patch distribution mechanism,
provided the proper conditions are satisfied
- …