435 research outputs found
Toward optimal multi-objective models of network security: Survey
Information security is an important aspect of a successful business today. However, financial difficulties and budget cuts create a problem of selecting appropriate security measures and keeping networked systems up and running. Economic models proposed in the literature do not address the challenging problem of security countermeasure selection. We have made a classification of security models, which can be used to harden a system in a cost effective manner based on the methodologies used. In addition, we have specified the challenges of the simplified risk assessment approaches used in the economic models and have made recommendations how the challenges can be addressed in order to support decision makers
Towards optimal multi-objective models of network security: survey
Information security is an important aspect of a successful business today. However, financial difficulties and budget cuts create a problem of selecting appropriate security measures and keeping networked systems up and running. Economic models proposed in the literature do not address the challenging problem of security countermeasure selection. We have made a classification of security models, which can be used to harden a system in a cost effective manner based on the methodologies used. In addition, we have specified the challenges of the simplified risk assessment approaches used in the economic models and have made recommendations how the challenges can be addressed in order to support decision makers
A Cost-effective Shuffling Method against DDoS Attacks using Moving Target Defense
Moving Target Defense (MTD) has emerged as a newcomer into the asymmetric
field of attack and defense, and shuffling-based MTD has been regarded as one
of the most effective ways to mitigate DDoS attacks. However, previous work
does not acknowledge that frequent shuffles would significantly intensify the
overhead. MTD requires a quantitative measure to compare the cost and
effectiveness of available adaptations and explore the best trade-off between
them. In this paper, therefore, we propose a new cost-effective shuffling
method against DDoS attacks using MTD. By exploiting Multi-Objective Markov
Decision Processes to model the interaction between the attacker and the
defender, and designing a cost-effective shuffling algorithm, we study the best
trade-off between the effectiveness and cost of shuffling in a given shuffling
scenario. Finally, simulation and experimentation on an experimental software
defined network (SDN) indicate that our approach imposes an acceptable
shuffling overload and is effective in mitigating DDoS attacks
Designing the Game to Play: Optimizing Payoff Structure in Security Games
Effective game-theoretic modeling of defender-attacker behavior is becoming
increasingly important. In many domains, the defender functions not only as a
player but also the designer of the game's payoff structure. We study
Stackelberg Security Games where the defender, in addition to allocating
defensive resources to protect targets from the attacker, can strategically
manipulate the attacker's payoff under budget constraints in weighted L^p-norm
form regarding the amount of change. Focusing on problems with weighted
L^1-norm form constraint, we present (i) a mixed integer linear program-based
algorithm with approximation guarantee; (ii) a branch-and-bound based algorithm
with improved efficiency achieved by effective pruning; (iii) a polynomial time
approximation scheme for a special but practical class of problems. In
addition, we show that problems under budget constraints in L^0-norm form and
weighted L^\infty-norm form can be solved in polynomial time. We provide an
extensive experimental evaluation of our proposed algorithms
DAG-Based Attack and Defense Modeling: Don't Miss the Forest for the Attack Trees
This paper presents the current state of the art on attack and defense
modeling approaches that are based on directed acyclic graphs (DAGs). DAGs
allow for a hierarchical decomposition of complex scenarios into simple, easily
understandable and quantifiable actions. Methods based on threat trees and
Bayesian networks are two well-known approaches to security modeling. However
there exist more than 30 DAG-based methodologies, each having different
features and goals. The objective of this survey is to present a complete
overview of graphical attack and defense modeling techniques based on DAGs.
This consists of summarizing the existing methodologies, comparing their
features and proposing a taxonomy of the described formalisms. This article
also supports the selection of an adequate modeling technique depending on user
requirements
- âŚ