Abstract

Large-scale cloud networks consist of distributed networking and computing elements that process critical information, and thus security is a key requirement for any environment. Unfortunately, assessing the security state of such networks is a challenging task, and the tools used in the past by security experts, such as packet filtering, firewalls, Intrusion Detection Systems (IDS), etc., provide a reactive security mechanism. In this paper, we introduce a Moving Target Defense (MTD) based proactive security framework for monitoring attacks, which lets us identify and reason about multi-stage attacks that target software vulnerabilities present in a cloud network. We formulate the multi-stage attack scenario as a two-player zero-sum Markov Game (between the attacker and the network administrator) on attack graphs. The rewards and transition probabilities are obtained by leveraging the expert knowledge present in the Common Vulnerability Scoring System (CVSS). Our framework identifies an attacker's optimal policy and places countermeasures to ensure that this attack policy is always detected, thus forcing the attacker to use a sub-optimal policy with higher cost.

Original language: English (US)
Title of host publication: 2019 International Conference on Computing, Networking and Communications, ICNC 2019
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 577-581
Number of pages: 5
ISBN (Electronic): 9781538692233
DOIs: https://doi.org/10.1109/ICCNC.2019.8685647
State: Published - Apr 8 2019
Event: 2019 International Conference on Computing, Networking and Communications, ICNC 2019 - Honolulu, United States
Duration: Feb 18 2019 to Feb 21 2019

Publication series

Name: 2019 International Conference on Computing, Networking and Communications, ICNC 2019

Conference

Conference: 2019 International Conference on Computing, Networking and Communications, ICNC 2019
Country: United States
City: Honolulu
Period: 2/18/19 to 2/21/19

Fingerprint

Intrusion detection
Monitoring
Costs

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Software
  • Hardware and Architecture

Cite this

Chowdhary, A., Sengupta, S., Alshamrani, A., Huang, D., & Sabur, A. (2019). Adaptive MTD Security using Markov Game Modeling. In 2019 International Conference on Computing, Networking and Communications, ICNC 2019 (pp. 577-581). [8685647] (2019 International Conference on Computing, Networking and Communications, ICNC 2019). Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/ICCNC.2019.8685647

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

@inproceedings{bacd18660bb44c34aed2d1ad10426717,
title = "Adaptive MTD Security using Markov Game Modeling",
author = "Ankur Chowdhary and Sailik Sengupta and Adel Alshamrani and Dijiang Huang and Abdulhakim Sabur",
year = "2019",
month = "4",
day = "8",
doi = "10.1109/ICCNC.2019.8685647",
language = "English (US)",
series = "2019 International Conference on Computing, Networking and Communications, ICNC 2019",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "577--581",
booktitle = "2019 International Conference on Computing, Networking and Communications, ICNC 2019",

}

TY - GEN

T1 - Adaptive MTD Security using Markov Game Modeling

AU - Chowdhary, Ankur

AU - Sengupta, Sailik

AU - Alshamrani, Adel

AU - Huang, Dijiang

AU - Sabur, Abdulhakim

PY - 2019/4/8

Y1 - 2019/4/8

UR - http://www.scopus.com/inward/record.url?scp=85064966125&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85064966125&partnerID=8YFLogxK

U2 - 10.1109/ICCNC.2019.8685647

DO - 10.1109/ICCNC.2019.8685647

M3 - Conference contribution

T3 - 2019 International Conference on Computing, Networking and Communications, ICNC 2019

SP - 577

EP - 581

BT - 2019 International Conference on Computing, Networking and Communications, ICNC 2019

PB - Institute of Electrical and Electronics Engineers Inc.

ER -