Towards automated cyber decision support: A case study on network segmentation for security

Neal Wagner, C. Sahin, M. Winterrose, J. Riordan, Jaime Peña, D. Hanson, W. Streilein
Published in: 2016 IEEE Symposium Series on Computational Intelligence (SSCI)
Publication date: 2016-12-01
DOI: 10.1109/SSCI.2016.7849908 (https://doi.org/10.1109/SSCI.2016.7849908)
Citations: 30

Abstract

Network segmentation is a security measure that partitions a network into sections or segments to restrict the movement of a cyber attacker and make it difficult for her to gain access to valuable network resources. This threat-mitigating practice has been recommended by several information security agencies. While it is clear that segmentation is a critical defensive mitigation against cyber threats, it is not clear how to properly apply it. Current standards only offer vague guidance on how to apply segmentation and, thus, practitioners must rely on judgment. This paper examines the problem from a decision support perspective: that is, how can an appropriate segmentation for a given network environment be selected? We propose a novel method for supporting such a decision that utilizes an approach based on heuristic search and agent-based simulation. We have implemented a first prototype of our method and illustrate its use via a case study on a representative network environment.