A receding-horizon MDP approach for performance evaluation of moving target defense in networks

Zhentian Qian, Jie Fu, Quanyan Zhu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In this paper we study the problem of assessing the effectiveness of a proactive defense-by-detection policy with a network-based moving target defense. We model the network system using a probabilistic attack graph-a graphical security model. Given a network system with a proactive defense strategy an intelligent attacker needs to perform reconnaissance repeatedly to learn about the locations of intrusion detection systems and re- plan optimally to reach the target while avoiding detection. To compute the attacker's strategy for security evaluation we develop a receding-horizon planning algorithm using a risk-sensitive Markov decision process with a time-varying reward function. Finally we implement both defense and attack strategies in a synthetic network and analyze how the frequency of network randomization and the number of detection systems can influence the success rate of the attacker. This study provides insights for designing proactive defense strategies against online and multi-stage attacks by a resourceful attacker.

Original languageEnglish (US)
Title of host publicationCCTA 2020 - 4th IEEE Conference on Control Technology and Applications
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages1-7
Number of pages7
ISBN (Electronic)9781728171401
DOIs
StatePublished - Aug 2020
Event4th IEEE Conference on Control Technology and Applications, CCTA 2020 - Virtual, Montreal, Canada
Duration: Aug 24 2020Aug 26 2020

Publication series

NameCCTA 2020 - 4th IEEE Conference on Control Technology and Applications

Conference

Conference4th IEEE Conference on Control Technology and Applications, CCTA 2020
Country/TerritoryCanada
CityVirtual, Montreal
Period8/24/208/26/20

ASJC Scopus subject areas

  • Computer Science Applications
  • Control and Optimization
  • Instrumentation

Fingerprint

Dive into the research topics of 'A receding-horizon MDP approach for performance evaluation of moving target defense in networks'. Together they form a unique fingerprint.

Cite this