Cyber Deception Metrics For Interconnected Complex Systems

Cyber attackers' evolving skills cause it challenging to secure the network. Thus it is paramount to characterize adversarial strategies and estimate the attacker's capability. Furthermore, estimating the adversarial capability can aid the cyber defender when deciding to place deceptive el...

Full description

Saved in:
Bibliographic Details
Published in2022 Winter Simulation Conference (WSC) pp. 473 - 483
Main Authors Al Amin, Md Ali Reza, Shetty, Sachin, Kamhoua, Charles
Format Conference Proceeding
LanguageEnglish
Published IEEE 11.12.2022
Subjects
Bayes methods
Complex systems
Measurement
Online AccessGet full text

Cover

More Information
Summary:Cyber attackers' evolving skills cause it challenging to secure the network. Thus it is paramount to characterize adversarial strategies and estimate the attacker's capability. Furthermore, estimating the adversarial capability can aid the cyber defender when deciding to place deceptive elements in the network. In this paper, we address the problem of characterizing adversarial strategies and develop a suite of metrics that quantify the opportunity and capability of the adversary. Using these metrics, the cyber defender can estimate the attacker's capability. In our simulation, we incorporated the developed metrics to estimate adversary capabilities based on the attacker's aggression, knowledge, and stealthiness level. To minimize the adversarial impact, we consider placing decoy nodes as deceptive elements in the network and measure the effectiveness of having decoy nodes. Our experimental evaluation suggests that placing decoy nodes in the network can effectively increase the attacker's resource usage and decrease the win percentage.
ISSN:1558-4305
DOI:10.1109/WSC57314.2022.10015347