All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”

Hardening networks against strategic attackers using attack graph games

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21230%2F19%3A00333035" target="_blank" >RIV/68407700:21230/19:00333035 - isvavai.cz</a>

  • Result on the web

    <a href="https://doi.org/10.1016/j.cose.2019.101578" target="_blank" >https://doi.org/10.1016/j.cose.2019.101578</a>

  • DOI - Digital Object Identifier

    <a href="http://dx.doi.org/10.1016/j.cose.2019.101578" target="_blank" >10.1016/j.cose.2019.101578</a>

Alternative languages

  • Result language

    angličtina

  • Original language name

    Hardening networks against strategic attackers using attack graph games

  • Original language description

    We consider the problem faced by a network administrator (defender) when deploying limited security resources to protect a network against a strategic attacker. To evaluate the effectiveness of a defense strategy, one must consider possible counterattacks that an attacker can choose. We use game theory to model the interaction between the defender and the attacker. Game theory provides relevant concepts and algorithms for computing optimal strategies in environments with multiple decision makers. To model the space of attacker's possible actions, we use attack graphs, that compactly represent all known sequences of attacker's action that may lead to successful attack for a given network. We demonstrate our approach on a specific type of defense actions, where the defender deploys deceptive hosts and services (honeypots) to detect and mitigate attacks. We assume the worst-case attacker who has a complete knowledge of the (typically randomized) defense strategy. We seek the optimal defense strategy against this attacker in the form of a Stackelberg equilibrium. Computing this solution exactly using standard techniques has limited scalability, so we investigate several approaches for increasing scalability to realistic problems. We introduce optimization methods for finding exact solutions for these games and then propose a variety of polynomial heuristic algorithms that scale to significantly larger games. We analyze the scalability and the quality of these heuristic solutions on realistic network topologies. We show that the strategies found by the heuristics are often near-optimal and that they outperform non-game-theoretic baselines. Finally, we show how attack graph games can be used to answer various research questions relevant to network security administrators.

  • Czech name

  • Czech description

Classification

  • Type

    J<sub>imp</sub> - Article in a specialist periodical, which is included in the Web of Science database

  • CEP classification

  • OECD FORD branch

    10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Result continuities

  • Project

    <a href="/en/project/EF16_019%2F0000765" target="_blank" >EF16_019/0000765: Research Center for Informatics</a><br>

  • Continuities

    P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Others

  • Publication year

    2019

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Name of the periodical

    Computers & Security

  • ISSN

    0167-4048

  • e-ISSN

    1872-6208

  • Volume of the periodical

    87

  • Issue of the periodical within the volume

    87

  • Country of publishing house

    GB - UNITED KINGDOM

  • Number of pages

    25

  • Pages from-to

  • UT code for WoS article

    000494048500014

  • EID of the result in the Scopus database

    2-s2.0-85070228032