• DocumentCode
    3114641
  • Title

    Predictive defense against evolving adversaries

  • Author

    Colbaugh, Richard ; Glass, Kristin

  • Author_Institution
    Sandia Nat. Labs., Albuquerque, NM, USA
  • fYear
    2012
  • fDate
    11-14 June 2012
  • Firstpage
    18
  • Lastpage
    23
  • Abstract
    Adaptive adversaries are a primary concern in several domains, including cyber defense, border security, counterterrorism, and fraud prevention, and consequently there is great interest in developing defenses that maintain their effectiveness in the presence of evolving adversary strategies and tactics. This paper leverages the coevolutionary relationship between attackers and defenders to derive two new approaches to predictive defense, in which future attack techniques are anticipated and these insights are incorporated into defense designs. The first method combines game theory with machine learning to model and predict future adversary actions in the learner's “feature space”; these predictions form the basis for synthesizing robust defenses. The second approach to predictive defense involves extrapolating the evolution of defense configurations forward in time, in the space of defense parameterizations, as a way of generating defenses which work well against evolving threats. Case studies with a large cyber security dataset assembled for this investigation demonstrate that each method provides effective, scalable defense against current and future attacks, outperforming gold-standard techniques. Additionally, preliminary tests indicate that a simple variant of the proposed design methodology yields defenses which are difficult for adversaries to reverse-engineer.
  • Keywords
    game theory; learning (artificial intelligence); security of data; adaptive adversaries; border security; counterterrorism; cyber defense; cyber security dataset; defense designs; defense parameterizations; evolving adversaries; fraud prevention; gold standard techniques; machine learning; predictive defense; Accuracy; Classification algorithms; Filtering algorithms; Prediction algorithms; Unsolicited electronic mail; Vectors; adversarial coevolution; cyber security; game theory; machine learning; predictive analytics; security informatics;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Intelligence and Security Informatics (ISI), 2012 IEEE International Conference on
  • Conference_Location
    Arlington, VA
  • Print_ISBN
    978-1-4673-2105-1
  • Type

    conf

  • DOI
    10.1109/ISI.2012.6283222
  • Filename
    6283222