Abstract

Large scale cloud networks consist of distributed networking and computing elements that process critical information and thus security is a key requirement for any environment. Unfortunately, assessing the security state of such networks is a challenging task and the tools used in the past by security experts such as packet filtering, firewall, Intrusion Detection Systems (IDS) etc., provide a reactive security mechanism. In this paper, we introduce a Moving Target Defense (MTD) based proactive security framework for monitoring attacks which lets us identify and reason about multi-stage attacks that target software vulnerabilities present in a cloud network. We formulate the multi-stage attack scenario as a two-player zero-sum Markov Game (between the attacker and the network administrator) on attack graphs. The rewards and transition probabilities are obtained by leveraging the expert knowledge present in the Common Vulnerability Scoring System (CVSS). Our framework identifies an attacker's optimal policy and places countermeasures to ensure that this attack policy is always detected, thus forcing the attacker to use a sub-optimal policy with higher cost.

Original languageEnglish (US)
Title of host publication2019 International Conference on Computing, Networking and Communications, ICNC 2019
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages577-581
Number of pages5
ISBN (Electronic)9781538692233
DOIs
StatePublished - Apr 8 2019
Event2019 International Conference on Computing, Networking and Communications, ICNC 2019 - Honolulu, United States
Duration: Feb 18 2019Feb 21 2019

Publication series

Name2019 International Conference on Computing, Networking and Communications, ICNC 2019

Conference

Conference2019 International Conference on Computing, Networking and Communications, ICNC 2019
CountryUnited States
CityHonolulu
Period2/18/192/21/19

    Fingerprint

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Software
  • Hardware and Architecture

Cite this

Chowdhary, A., Sengupta, S., Alshamrani, A., Huang, D., & Sabur, A. (2019). Adaptive MTD Security using Markov Game Modeling. In 2019 International Conference on Computing, Networking and Communications, ICNC 2019 (pp. 577-581). [8685647] (2019 International Conference on Computing, Networking and Communications, ICNC 2019). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICCNC.2019.8685647