Predictive defense against evolving adversaries
Published in: | 2012 IEEE International Conference on Intelligence and Security Informatics pp. 18 - 23 |
---|---|
Main Authors: | , |
Format: | Conference Proceeding |
Language: | English |
Published: | IEEE 01-06-2012 |
Summary: | Adaptive adversaries are a primary concern in several domains, including cyber defense, border security, counterterrorism, and fraud prevention, and consequently there is great interest in developing defenses that maintain their effectiveness in the presence of evolving adversary strategies and tactics. This paper leverages the coevolutionary relationship between attackers and defenders to derive two new approaches to predictive defense, in which future attack techniques are anticipated and these insights are incorporated into defense designs. The first method combines game theory with machine learning to model and predict future adversary actions in the learner's "feature space"; these predictions form the basis for synthesizing robust defenses. The second approach to predictive defense involves extrapolating the evolution of defense configurations forward in time, in the space of defense parameterizations, as a way of generating defenses which work well against evolving threats. Case studies with a large cyber security dataset assembled for this investigation demonstrate that each method provides effective, scalable defense against current and future attacks, outperforming gold-standard techniques. Additionally, preliminary tests indicate that a simple variant of the proposed design methodology yields defenses which are difficult for adversaries to reverse-engineer. |
---|---|
ISBN: | 9781467321051 1467321052 |
DOI: | 10.1109/ISI.2012.6283222 |