Predictive Cyber Defense Remediation against Advanced Persistent Threat in Cyber-Physical Systems

Kamrul Hasan, Sachin Shetty, Tariqul Islam, Imtiaz Ahmed

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Advanced Persistent Threat (APT) has dramatically changed the landscape of cybersecurity. APT is carried out by stealthy, continuous, sophisticated, and well-funded attack processes for long-term malicious gain, thwarting most current defense mechanisms. There is a need for a defense strategy that continuously combats APT over a long time-span under imperfect/incomplete information on the attacker's actions. To address this need, we propose a stochastic evolutionary game model to simulate the dynamic adversary. We add the player's rationality parameter c to the Logit Quantal Response Dynamics (LQRD) model to quantify the cognitive differences of real-world players. We propose an optimal decision-making plan by calculating the stable evolutionary equilibrium that balances a trade-off between defense cost and benefit. Case studies conducted on Energy Delivery Systems (EDS) indicate that the proposed method can help the defender predict possible attack actions, select the related optimal cyber defense remediation over time, and gain the maximum defense payoff.

Original language: English (US)
Title of host publication: ICCCN 2022 - 31st International Conference on Computer Communications and Networks
Publisher: Institute of Electrical and Electronics Engineers Inc.
ISBN (Electronic): 9781665497268
DOIs
State: Published - 2022
Event: 31st International Conference on Computer Communications and Networks, ICCCN 2022 - Virtual, Online, United States
Duration: Jul 25 2022 → Jul 27 2022

Publication series

Name: Proceedings - International Conference on Computer Communications and Networks, ICCCN
Volume: 2022-July
ISSN (Print): 1095-2055

Conference

Conference: 31st International Conference on Computer Communications and Networks, ICCCN 2022
Country/Territory: United States
City: Virtual, Online
Period: 7/25/22 → 7/27/22

Keywords

  • APT
  • Cyber Defense
  • Cyber-Physical Systems (CPS)
  • Energy Delivery Systems (EDS)

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Hardware and Architecture
  • Software
