Abstract
Active cyber defense is one important defensive method for combating cyber attacks. Unlike traditional defensive methods such as firewall-based filtering and anti-malware tools, active cyber defense is based on spreading “white” or “benign” worms to combat the attackers’ malware (i.e., malicious worms), which also spreads over the network. In this paper, we initiate the study of optimal active cyber defense in the setting of strategic attackers and/or strategic defenders. Specifically, we investigate infinite-time horizon optimal control and fast optimal control for strategic defenders (who want to minimize their cost) against non-strategic attackers (who do not consider the issue of cost). We also investigate the Nash equilibria for strategic defenders and attackers. We discuss the cyber security meanings and implications of the theoretical results. Our study raises interesting open problems for future research.
Copyright information
© 2013 Springer International Publishing Switzerland
About this paper
Cite this paper
Lu, W., Xu, S., Yi, X. (2013). Optimizing Active Cyber Defense. In: Das, S.K., Nita-Rotaru, C., Kantarcioglu, M. (eds) Decision and Game Theory for Security. GameSec 2013. Lecture Notes in Computer Science, vol 8252. Springer, Cham. https://doi.org/10.1007/978-3-319-02786-9_13
DOI: https://doi.org/10.1007/978-3-319-02786-9_13
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-02785-2
Online ISBN: 978-3-319-02786-9
eBook Packages: Computer Science (R0)