A Survey of Network Requirements for Enabling Effective Cyber Deception
In the evolving landscape of cybersecurity, the utilization of cyber
deception has gained prominence as a proactive defense strategy against
sophisticated attacks. This paper presents a comprehensive survey that
investigates the crucial network requirements essential for the successful
implementation of effective cyber deception techniques. With a focus on diverse
network architectures and topologies, we delve into the intricate relationship
between network characteristics and the deployment of deception mechanisms.
This survey provides an in-depth analysis of prevailing cyber deception
frameworks, highlighting their strengths and limitations in meeting the
requirements for optimal efficacy. By synthesizing insights from both
theoretical and practical perspectives, we contribute to a comprehensive
understanding of the network prerequisites crucial for enabling robust and
adaptable cyber deception strategies.
Gaming security by obscurity
Shannon sought security against the attacker with unlimited computational
powers: *if an information source conveys some information, then Shannon's
attacker will surely extract that information*. Diffie and Hellman refined
Shannon's attacker model by taking into account the fact that the real
attackers are computationally limited. This idea became one of the greatest new
paradigms in computer science, and led to modern cryptography.
Shannon also sought security against the attacker with unlimited logical and
observational powers, expressed through the maxim that "the enemy knows the
system". This view is still endorsed in cryptography. The popular formulation,
going back to Kerckhoffs, is that "there is no security by obscurity", meaning
that the algorithms cannot be kept obscured from the attacker, and that
security should only rely upon the secret keys. In fact, modern cryptography
goes even further than Shannon or Kerckhoffs in tacitly assuming that *if there
is an algorithm that can break the system, then the attacker will surely find
that algorithm*. The attacker is not viewed as an omnipotent computer any more,
but he is still construed as an omnipotent programmer.
So the Diffie-Hellman step from unlimited to limited computational powers has
not been extended into a step from unlimited to limited logical or programming
powers. Is the assumption that all feasible algorithms will eventually be
discovered and implemented really different from the assumption that everything
that is computable will eventually be computed? The present paper explores some
ways to refine the current models of the attacker, and of the defender, by
taking into account their limited logical and programming powers. If the
adaptive attacker actively queries the system to seek out its vulnerabilities,
can the system gain some security by actively learning the attacker's methods, and
adapting to them?
Comment: 15 pages, 9 figures, 2 tables; final version appeared in the
Proceedings of New Security Paradigms Workshop 2011 (ACM 2011); typos
corrected
Improvise, Adapt, Overcome: Dynamic Resiliency Against Unknown Attack Vectors in Microgrid Cybersecurity Games
Cyber-physical microgrids are vulnerable to rootkit attacks that manipulate
system dynamics to create instabilities in the network. Rootkits tend to hide
their access level within microgrid system components to launch sudden attacks
that prey on the slow response time of defenders to manipulate system
trajectory. This problem can be formulated as a multi-stage, non-cooperative,
zero-sum game with the attacker and the defender modeled as opposing players.
To solve the game, this paper proposes a deep reinforcement learning-based
strategy that dynamically identifies rootkit access levels and isolates
incoming manipulations by incorporating changes in the defense plan. A major
advantage of the proposed strategy is its ability to establish resiliency
without altering the physical transmission/distribution network topology,
thereby diminishing potential instability issues. The paper also presents
several simulation results and case studies to demonstrate the operating
mechanism and robustness of the proposed strategy.
Game Theory in Distributed Systems Security: Foundations, Challenges, and Future Directions
Many of our critical infrastructure systems and personal computing systems
have a distributed computing systems structure. The incentives to attack them
have been growing rapidly as has their attack surface due to increasing levels
of connectedness. Therefore, we feel it is time to bring in rigorous reasoning
to secure such systems. The distributed system security and the game theory
technical communities can come together to effectively address this challenge.
In this article, we lay out the foundations from each that we can build upon to
achieve our goals. Next, we describe a set of research challenges for the
community, organized into three categories -- analytical, systems, and
integration challenges, each with "short term" time horizon (2-3 years) and
"long term" (5-10 years) items. This article was conceived of through a
community discussion at the 2022 NSF SaTC PI meeting.
Comment: 11 pages in IEEE Computer Society magazine format, including
references and author bios. There is 1 figure
- …