DocumentCode
3114641
Title
Predictive defense against evolving adversaries
Author
Colbaugh, Richard ; Glass, Kristin
Author_Institution
Sandia Nat. Labs., Albuquerque, NM, USA
fYear
2012
fDate
11-14 June 2012
Firstpage
18
Lastpage
23
Abstract
Adaptive adversaries are a primary concern in several domains, including cyber defense, border security, counterterrorism, and fraud prevention, and consequently there is great interest in developing defenses that maintain their effectiveness in the presence of evolving adversary strategies and tactics. This paper leverages the coevolutionary relationship between attackers and defenders to derive two new approaches to predictive defense, in which future attack techniques are anticipated and these insights are incorporated into defense designs. The first method combines game theory with machine learning to model and predict future adversary actions in the learner's “feature space”; these predictions form the basis for synthesizing robust defenses. The second approach to predictive defense involves extrapolating the evolution of defense configurations forward in time, in the space of defense parameterizations, as a way of generating defenses which work well against evolving threats. Case studies with a large cyber security dataset assembled for this investigation demonstrate that each method provides effective, scalable defense against current and future attacks, outperforming gold-standard techniques. Additionally, preliminary tests indicate that a simple variant of the proposed design methodology yields defenses which are difficult for adversaries to reverse-engineer.
Keywords
game theory; learning (artificial intelligence); security of data; adaptive adversaries; border security; counterterrorism; cyber defense; cyber security dataset; defense designs; defense parameterizations; evolving adversaries; fraud prevention; gold standard techniques; machine learning; predictive defense; Accuracy; Classification algorithms; Filtering algorithms; Prediction algorithms; Unsolicited electronic mail; Vectors; adversarial coevolution; cyber security; game theory; machine learning; predictive analytics; security informatics;
fLanguage
English
Publisher
ieee
Conference_Titel
Intelligence and Security Informatics (ISI), 2012 IEEE International Conference on
Conference_Location
Arlington, VA
Print_ISBN
978-1-4673-2105-1
Type
conf
DOI
10.1109/ISI.2012.6283222
Filename
6283222