Strategy-Aware Mitigation Using Markov Games for Dynamic Application-Layer Attacks

2015 IEEE 16th International Symposium on High Assurance Systems Engineering Pub Date : 2015-01-08 DOI:10.1109/HASE.2015.28

Mahsa Emami-Taba, M. Amoui, L. Tahvildari

{"title":"Strategy-Aware Mitigation Using Markov Games for Dynamic Application-Layer Attacks","authors":"Mahsa Emami-Taba, M. Amoui, L. Tahvildari","doi":"10.1109/HASE.2015.28","DOIUrl":null,"url":null,"abstract":"Targeted and destructive nature of strategies used by attackers to break down the system require mitigation approaches with dynamic awareness. In the domain of adaptive software security, the adaptation manager of a self-protecting software is responsible for selecting countermeasures to prevent or mitigate attacks immediately. Making a right decision in each and every situation is one of the most challenging aspects of engineering self-protecting software systems. Inspired by the game theory, in this research work, we model the interactions between the attacker and the adaptation manager as a two-player zero-sum Markov game. Using this game-theoretic approach, the adaptation manager can refine its strategies in dynamic attack scenarios by utilizing what has learned from the system's and adversary's actions. We also present how this approach can be fitted to the well-known MAPE-K architecture model. As a proof of concept, this research conducts a study on a case of dynamic application-layer denial of service attacks. The simulation results demonstrate how our approach performs while encountering different attack strategies.","PeriodicalId":248645,"journal":{"name":"2015 IEEE 16th International Symposium on High Assurance Systems Engineering","volume":"263 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-01-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE 16th International Symposium on High Assurance Systems Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/HASE.2015.28","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 8

Abstract

Targeted and destructive nature of strategies used by attackers to break down the system require mitigation approaches with dynamic awareness. In the domain of adaptive software security, the adaptation manager of a self-protecting software is responsible for selecting countermeasures to prevent or mitigate attacks immediately. Making a right decision in each and every situation is one of the most challenging aspects of engineering self-protecting software systems. Inspired by the game theory, in this research work, we model the interactions between the attacker and the adaptation manager as a two-player zero-sum Markov game. Using this game-theoretic approach, the adaptation manager can refine its strategies in dynamic attack scenarios by utilizing what has learned from the system's and adversary's actions. We also present how this approach can be fitted to the well-known MAPE-K architecture model. As a proof of concept, this research conducts a study on a case of dynamic application-layer denial of service attacks. The simulation results demonstrate how our approach performs while encountering different attack strategies.

查看原文本刊更多论文

基于马尔可夫博弈的动态应用层攻击策略感知缓解

攻击者用于破坏系统的策略具有针对性和破坏性，因此需要具有动态感知的缓解方法。在自适应软件安全领域，自保护软件的自适应管理器负责选择防止或减轻攻击的对策。在各种情况下做出正确的决定是工程自我保护软件系统最具挑战性的方面之一。在博弈论的启发下，本研究将攻击者与适应管理者之间的互动建模为二人零和马尔可夫博弈。使用这种博弈论方法，适应管理器可以利用从系统和对手的行动中学到的东西，在动态攻击场景中改进其策略。我们还介绍了如何将这种方法应用到众所周知的MAPE-K体系结构模型中。作为概念验证，本研究对一个动态应用层拒绝服务攻击案例进行了研究。仿真结果显示了我们的方法在遇到不同攻击策略时的性能。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2015 IEEE 16th International Symposium on High Assurance Systems Engineering

自引率

0.00%

发文量