DOI: 10.1145/3140549.3140562
research-article

Multi-Stage Attack Graph Security Games: Heuristic Strategies, with Empirical Game-Theoretic Analysis

Published: 30 October 2017

    Abstract

    We study the problem of allocating limited security countermeasures to protect network data from cyber-attacks, for scenarios modeled by Bayesian attack graphs. We consider multi-stage interactions between a network administrator and cybercriminals, formulated as a security game. This formulation is capable of representing security environments with significant dynamics and uncertainty, and very large strategy spaces. For the game model, we propose parameterized heuristic strategies for both players. Our heuristics exploit the topological structure of the attack graphs and employ different sampling methodologies to overcome the computational complexity in determining players' actions. Given the complexity of the game, we employ a simulation-based methodology, and perform empirical game analysis over an enumerated set of these heuristic strategies. Finally, we conduct experiments based on a variety of game settings to demonstrate the advantages of our heuristics in obtaining effective defense strategies which are robust to the uncertainty of the security environment.



    Published In

    MTD '17: Proceedings of the 2017 Workshop on Moving Target Defense
    October 2017
    126 pages
    ISBN: 9781450351768
    DOI: 10.1145/3140549
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Author Tags

    1. bayesian attack graph
    2. game theory
    3. moving target defense

    Funding Sources

    • the US Army Research Office

    Conference

    CCS '17

    Acceptance Rates

    MTD '17 Paper Acceptance Rate 9 of 26 submissions, 35%;
    Overall Acceptance Rate 40 of 92 submissions, 43%

    Cited By
    • (2024) The Impact of Network Design Interventions on the Security of Interdependent Systems. IEEE Transactions on Control of Network Systems, 11(1):173-184. DOI: 10.1109/TCNS.2023.3272849. Online publication date: Mar-2024.
    • (2024) Optimal Joint Defense and Monitoring for Networks Security under Uncertainty: A POMDP-Based Approach. IET Information Security, 2024:1-20. DOI: 10.1049/2024/7966713. Online publication date: 27-May-2024.
    • (2024) A multi-step attack path prediction method for oil & gas intelligence pipeline cyber physics system based on CPNE. Process Safety and Environmental Protection, 185:1303-1318. DOI: 10.1016/j.psep.2024.03.106. Online publication date: May-2024.
    • (2023) Memoryless Adversaries in Imperfect Information Games. Proceedings of the 2023 International Conference on Autonomous Agents and Multiagent Systems, pages 2379-2381. DOI: 10.5555/3545946.3598940. Online publication date: 30-May-2023.
    • (2023) A Scalable Double Oracle Algorithm for Hardening Large Active Directory Systems. Proceedings of the 2023 ACM Asia Conference on Computer and Communications Security, pages 993-1003. DOI: 10.1145/3579856.3590343. Online publication date: 10-Jul-2023.
    • (2022) Optimal strategy selection for attack graph games using deep reinforcement learning. 2022 IEEE 24th Int Conf on High Performance Computing & Communications; 8th Int Conf on Data Science & Systems; 20th Int Conf on Smart City; 8th Int Conf on Dependability in Sensor, Cloud & Big Data Systems & Application (HPCC/DSS/SmartCity/DependSys), pages 823-830. DOI: 10.1109/HPCC-DSS-SmartCity-DependSys57074.2022.00135. Online publication date: Dec-2022.
    • (2021) Cross-Layer Coordinated Attacks on Cyber-Physical Systems: A LQG Game Framework with Controlled Observations. 2021 European Control Conference (ECC), pages 521-528. DOI: 10.23919/ECC54610.2021.9654874. Online publication date: 29-Jun-2021.
    • (2021) The Impact of Network Design Interventions on CPS Security. 2021 60th IEEE Conference on Decision and Control (CDC), pages 3486-3492. DOI: 10.1109/CDC45484.2021.9683679. Online publication date: 14-Dec-2021.
    • (2021) Bidirectional RNN-Based Few-Shot Training for Detecting Multi-stage Attack. Information Security and Cryptology, pages 37-52. DOI: 10.1007/978-3-030-71852-7_3. Online publication date: 13-Mar-2021.
    • (2020) Adaptive Cyber Defense Against Multi-Stage Attacks Using Learning-Based POMDP. ACM Transactions on Privacy and Security, 24(1):1-25. DOI: 10.1145/3418897. Online publication date: 8-Nov-2020.