Neal Wagner, C. Sahin, M. Winterrose, J. Riordan, Jaime Peña, D. Hanson, W. Streilein
{"title":"迈向自动化网络决策支持:网络安全分割案例研究","authors":"Neal Wagner, C. Sahin, M. Winterrose, J. Riordan, Jaime Peña, D. Hanson, W. Streilein","doi":"10.1109/SSCI.2016.7849908","DOIUrl":null,"url":null,"abstract":"Network segmentation is a security measure that partitions a network into sections or segments to restrict the movement of a cyber attacker and make it difficult for her to gain access to valuable network resources. This threat-mitigating practice has been recommended by several information security agencies. While it is clear that segmentation is a critical defensive mitigation against cyber threats, it is not clear how to properly apply it. Current standards only offer vague guidance on how to apply segmentation and, thus, practitioners must rely on judgment. This paper examines the problem from a decision support perspective: that is, how can an appropriate segmentation for a given network environment be selected? We propose a novel method for supporting such a decision that utilizes an approach based on heuristic search and agent-based simulation. We have implemented a first prototype of our method and illustrate its use via a case study on a representative network environment.","PeriodicalId":120288,"journal":{"name":"2016 IEEE Symposium Series on Computational Intelligence (SSCI)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"30","resultStr":"{\"title\":\"Towards automated cyber decision support: A case study on network segmentation for security\",\"authors\":\"Neal Wagner, C. Sahin, M. Winterrose, J. Riordan, Jaime Peña, D. Hanson, W. Streilein\",\"doi\":\"10.1109/SSCI.2016.7849908\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Network segmentation is a security measure that partitions a network into sections or segments to restrict the movement of a cyber attacker and make it difficult for her to gain access to valuable network resources. This threat-mitigating practice has been recommended by several information security agencies. While it is clear that segmentation is a critical defensive mitigation against cyber threats, it is not clear how to properly apply it. Current standards only offer vague guidance on how to apply segmentation and, thus, practitioners must rely on judgment. This paper examines the problem from a decision support perspective: that is, how can an appropriate segmentation for a given network environment be selected? We propose a novel method for supporting such a decision that utilizes an approach based on heuristic search and agent-based simulation. We have implemented a first prototype of our method and illustrate its use via a case study on a representative network environment.\",\"PeriodicalId\":120288,\"journal\":{\"name\":\"2016 IEEE Symposium Series on Computational Intelligence (SSCI)\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"30\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 IEEE Symposium Series on Computational Intelligence (SSCI)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SSCI.2016.7849908\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IEEE Symposium Series on Computational Intelligence (SSCI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SSCI.2016.7849908","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Towards automated cyber decision support: A case study on network segmentation for security
Network segmentation is a security measure that partitions a network into sections or segments to restrict the movement of a cyber attacker and make it difficult for her to gain access to valuable network resources. This threat-mitigating practice has been recommended by several information security agencies. While it is clear that segmentation is a critical defensive mitigation against cyber threats, it is not clear how to properly apply it. Current standards only offer vague guidance on how to apply segmentation and, thus, practitioners must rely on judgment. This paper examines the problem from a decision support perspective: that is, how can an appropriate segmentation for a given network environment be selected? We propose a novel method for supporting such a decision that utilizes an approach based on heuristic search and agent-based simulation. We have implemented a first prototype of our method and illustrate its use via a case study on a representative network environment.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
