CSRS: Cyber Survive and Recover Simulator

Swastik Brahma; Kevin Kwiat; Pramod Kumar Varshney; Charles A. Kamhoua

doi:10.1109/HASE.2016.33

CSRS: Cyber Survive and Recover Simulator

Swastik Brahma, Kevin Kwiat, Pramod Kumar Varshney, Charles A. Kamhoua

Department of Electrical Engineering & Computer Science

Research output: Chapter in Book/Entry/Poem › Conference contribution

Abstract

It has been argued that systems that are comprised of similar components (i.e., a monoculture) are more prone to attacks than a system that exhibits diversity. But it is not currently clear how much diversity is needed and how to leverage the underlying diversity in the design space. In this paper, we present a game theoretic model to analyze strategic attack-defense scenarios as well as present our research and development effort to develop a software tool that facilitates analysis of strategic use of redundancy and diversity techniques for cyber survivability and recoverability by leveraging the developed game theoretic model. The simulator shows the potential of using game theoretic approaches for exploiting diversity for cyber survivability. The game theoretic model illustrates how the concept of the Nash Equilibrium provides a theoretical framework for designing strategic security solutions and how the mixed strategy solution space provides a conceptual basis for defining optimal randomization techniques that can exploit the underlying diversity. The simulator provides capabilities to simulate various attack-defense scenarios, analyze defense tactics, and provide feasible security solutions to help adopt appropriate defense strategies.

Original language	English (US)
Title of host publication	Proceedings of IEEE International Symposium on High Assurance Systems Engineering
Publisher	IEEE Computer Society
Pages	110-113
Number of pages	4
Volume	2016-March
ISBN (Print)	9781467399128
DOIs	https://doi.org/10.1109/HASE.2016.33
State	Published - Mar 1 2016
Event	17th IEEE International Symposium on High Assurance Systems Engineering, HASE 2016 - Orlando, United States Duration: Jan 7 2016 → Jan 9 2016

Other

Other	17th IEEE International Symposium on High Assurance Systems Engineering, HASE 2016
Country/Territory	United States
City	Orlando
Period	1/7/16 → 1/9/16

Keywords

Cyber-security simulation
Diversity
Game Theory

ASJC Scopus subject areas

Software
Safety, Risk, Reliability and Quality

Access to Document

10.1109/HASE.2016.33

Cite this

Brahma, S, Kwiat, K, Varshney, PK & Kamhoua, CA 2016, CSRS: Cyber Survive and Recover Simulator. in Proceedings of IEEE International Symposium on High Assurance Systems Engineering. vol. 2016-March, 7423141, IEEE Computer Society, pp. 110-113, 17th IEEE International Symposium on High Assurance Systems Engineering, HASE 2016, Orlando, United States, 1/7/16. https://doi.org/10.1109/HASE.2016.33

@inproceedings{507d8f9a08dc4c258af65c079c74192b,

title = "CSRS: Cyber Survive and Recover Simulator",

abstract = "It has been argued that systems that are comprised of similar components (i.e., a monoculture) are more prone to attacks than a system that exhibits diversity. But it is not currently clear how much diversity is needed and how to leverage the underlying diversity in the design space. In this paper, we present a game theoretic model to analyze strategic attack-defense scenarios as well as present our research and development effort to develop a software tool that facilitates analysis of strategic use of redundancy and diversity techniques for cyber survivability and recoverability by leveraging the developed game theoretic model. The simulator shows the potential of using game theoretic approaches for exploiting diversity for cyber survivability. The game theoretic model illustrates how the concept of the Nash Equilibrium provides a theoretical framework for designing strategic security solutions and how the mixed strategy solution space provides a conceptual basis for defining optimal randomization techniques that can exploit the underlying diversity. The simulator provides capabilities to simulate various attack-defense scenarios, analyze defense tactics, and provide feasible security solutions to help adopt appropriate defense strategies.",

keywords = "Cyber-security simulation, Diversity, Game Theory",

author = "Swastik Brahma and Kevin Kwiat and Varshney, {Pramod Kumar} and Kamhoua, {Charles A.}",

year = "2016",

month = mar,

day = "1",

doi = "10.1109/HASE.2016.33",

language = "English (US)",

isbn = "9781467399128",

volume = "2016-March",

pages = "110--113",

booktitle = "Proceedings of IEEE International Symposium on High Assurance Systems Engineering",

publisher = "IEEE Computer Society",

address = "United States",

note = "17th IEEE International Symposium on High Assurance Systems Engineering, HASE 2016 ; Conference date: 07-01-2016 Through 09-01-2016",

}

TY - GEN

T1 - CSRS

T2 - 17th IEEE International Symposium on High Assurance Systems Engineering, HASE 2016

AU - Brahma, Swastik

AU - Kwiat, Kevin

AU - Varshney, Pramod Kumar

AU - Kamhoua, Charles A.

PY - 2016/3/1

Y1 - 2016/3/1

N2 - It has been argued that systems that are comprised of similar components (i.e., a monoculture) are more prone to attacks than a system that exhibits diversity. But it is not currently clear how much diversity is needed and how to leverage the underlying diversity in the design space. In this paper, we present a game theoretic model to analyze strategic attack-defense scenarios as well as present our research and development effort to develop a software tool that facilitates analysis of strategic use of redundancy and diversity techniques for cyber survivability and recoverability by leveraging the developed game theoretic model. The simulator shows the potential of using game theoretic approaches for exploiting diversity for cyber survivability. The game theoretic model illustrates how the concept of the Nash Equilibrium provides a theoretical framework for designing strategic security solutions and how the mixed strategy solution space provides a conceptual basis for defining optimal randomization techniques that can exploit the underlying diversity. The simulator provides capabilities to simulate various attack-defense scenarios, analyze defense tactics, and provide feasible security solutions to help adopt appropriate defense strategies.

AB - It has been argued that systems that are comprised of similar components (i.e., a monoculture) are more prone to attacks than a system that exhibits diversity. But it is not currently clear how much diversity is needed and how to leverage the underlying diversity in the design space. In this paper, we present a game theoretic model to analyze strategic attack-defense scenarios as well as present our research and development effort to develop a software tool that facilitates analysis of strategic use of redundancy and diversity techniques for cyber survivability and recoverability by leveraging the developed game theoretic model. The simulator shows the potential of using game theoretic approaches for exploiting diversity for cyber survivability. The game theoretic model illustrates how the concept of the Nash Equilibrium provides a theoretical framework for designing strategic security solutions and how the mixed strategy solution space provides a conceptual basis for defining optimal randomization techniques that can exploit the underlying diversity. The simulator provides capabilities to simulate various attack-defense scenarios, analyze defense tactics, and provide feasible security solutions to help adopt appropriate defense strategies.

KW - Cyber-security simulation

KW - Diversity

KW - Game Theory

UR - http://www.scopus.com/inward/record.url?scp=84962834094&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84962834094&partnerID=8YFLogxK

U2 - 10.1109/HASE.2016.33

DO - 10.1109/HASE.2016.33

M3 - Conference contribution

AN - SCOPUS:84962834094

SN - 9781467399128

VL - 2016-March

SP - 110

EP - 113

BT - Proceedings of IEEE International Symposium on High Assurance Systems Engineering

PB - IEEE Computer Society

Y2 - 7 January 2016 through 9 January 2016

ER -

CSRS: Cyber Survive and Recover Simulator

Abstract

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this