
Two Can Play That Game: An Adversarial Evaluation of a Cyber-Alert Inspection System

Published: 03 April 2020

Abstract

Cyber-security is an important societal concern. Cyber-attacks have increased in number as well as in the extent of damage caused in every attack. Large organizations operate a Cyber Security Operation Center (CSOC), which forms the first line of cyber-defense. The inspection of cyber-alerts is a critical part of CSOC operations (defender or blue team). Recent work proposed a reinforcement learning (RL) based approach for the defender’s decision-making to prevent the cyber-alert queue length from growing large and overwhelming the defender. In this article, we perform a red team (adversarial) evaluation of this approach. With the recent attacks on learning-based decision-making systems, it is even more important to test the limits of the defender’s RL approach. Toward that end, we learn several adversarial alert generation policies and the best response against them for various defender inspection policies. Surprisingly, we find the defender’s policies to be quite robust to the best response of the attacker. In order to explain this observation, we extend the earlier defender’s RL model to a game model with adversarial RL, and show that there exist defender policies that can be robust against any adversarial policy. We also derive a competitive baseline from the game theory model and compare it to the defender’s RL approach. However, when we go further to exploit the assumptions made in the Markov Decision Process (MDP) in the defender’s RL model, we discover an attacker policy that overwhelms the defender. We use a double-oracle-like approach to retrain the defender with episodes from this discovered attacker policy. This made the defender robust to the discovered attacker policy, and no further harmful attacker policies were discovered. Overall, the adversarial RL and double oracle approach in RL are general techniques that are applicable to other RL usage in adversarial environments.

Cited By

  • (2022) AI and Security: A Game Perspective. 2022 14th International Conference on COMmunication Systems & NETworkS (COMSNETS), 393-396. DOI: 10.1109/COMSNETS53615.2022.9668430. Online publication date: 4-Jan-2022

Published In

ACM Transactions on Intelligent Systems and Technology, Volume 11, Issue 3
Survey Paper and Regular Papers
June 2020
286 pages
ISSN:2157-6904
EISSN:2157-6912
DOI:10.1145/3392081
Publication rights licensed to ACM. ACM acknowledges that this contribution was authored or co-authored by an employee, contractor or affiliate of the United States government. As such, the Government retains a nonexclusive, royalty-free right to publish or reproduce this article, or to allow others to do so, for Government purposes only.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 03 April 2020
Accepted: 01 December 2019
Revised: 01 November 2019
Received: 01 April 2019
Published in TIST Volume 11, Issue 3

Author Tags

  1. Cyber-security operations center
  2. adversarial reinforcement learning
  3. game theory

Qualifiers

  • Research-article
  • Research
  • Refereed

Funding Sources

  • Army Research Office under MURI
