Impact of the Computer System User When Creating Cyber Defense Strategies

被引:1
|
作者
Colvett, C. Daniel [1 ]
Petty, Mikel D. [1 ]
Bland, John A. [1 ]
Maxwell, Katia P. [2 ]
Rosenhoover, Marshall [1 ]
机构
[1] Univ Alabama, Huntsville, AL 35899 USA
[2] Athens State Univ, Athens, AL USA
来源
ACMSE 2022: PROCEEDINGS OF THE 2022 ACM SOUTHEAST CONFERENCE | 2022年
关键词
Cybersecurity; Petri Nets; Reinforcement Learning; PNPSC;
D O I
10.1145/3476883.3520208
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Petri nets with Players, Strategies, and Costs (PNPSC) is an extension of Petri nets that can model cyberattacks and defenses. Previous work has created PNPSC nets for cyberattack patterns based on the MITRE Common Attack Pattern Enumeration and Classification (CAPEC) database. The previous PNPSC nets modeled two players, the attacker and defender, but did not account for the computer system user. This research enhances previously developed PNPSC nets by adding representation for the computer system user. The research also builds on previous work in which cyber defense strategies were generated and improved with an epsilon-greedy reinforcement learning algorithm. The results show that including a representation for computer system users impacts the strategies developed by the defender, who must now balance computer system usability with computer system security.
引用
收藏
页码:74 / 81
页数:8
相关论文
共 50 条
  • [21] Hybrid cyber defense strategies using Honey-X: A survey
    Qin, Xingsheng
    Jiang, Frank
    Cen, Mingcan
    Doss, Robin
    COMPUTER NETWORKS, 2023, 230
  • [22] Game Control of Attack and Defense in Cyber Physical System
    Cai, Xiaobo
    Wang, Baijuan
    Cao, Zhiyong
    Zhang, Haitao
    Han, Ke
    Chen, Min
    Xu, Jiajun
    Zi, Caifei
    Wu, Wendou
    2020 INTERNATIONAL CONFERENCE ON IDENTIFICATION, INFORMATION AND KNOWLEDGE IN THE INTERNET OF THINGS (IIKI2020), 2021, 187 : 488 - 494
  • [23] Attack and Defense Strategies in Cyber War Involving Production and Stockpiling of Zero-Day Cyber Exploits
    Kjell Hausken
    Jonathan W. Welburn
    Information Systems Frontiers, 2021, 23 : 1609 - 1620
  • [24] Attack and Defense Strategies in Cyber War Involving Production and Stockpiling of Zero-Day Cyber Exploits
    Hausken, Kjell
    Welburn, Jonathan W.
    INFORMATION SYSTEMS FRONTIERS, 2021, 23 (06) : 1609 - 1620
  • [25] Towards Automated Verification of Active Cyber Defense Strategies on Software Defined Networks
    Alsaleh, Mohammed Noraden
    Al-Shaer, Ehab
    PROCEEDINGS OF THE 2016 ACM WORKSHOP ON AUTOMATED DECISION MAKING FOR ACTIVE CYBER DEFENSE (SAFECONFIG'16), 2016, : 23 - 29
  • [26] Defense Strategies for Integrated Energy Cyber Physical Systems Considering Joint Attacks
    Gu, Danyan
    Hong, Lucheng
    Yu, Qiangqiang
    Hua, Liang
    2024 THE 7TH INTERNATIONAL CONFERENCE ON ENERGY, ELECTRICAL AND POWER ENGINEERING, CEEPE 2024, 2024, : 1494 - 1499
  • [27] Perverse Effects in Defense of Computer Systems: When More Is Less
    Wolff, Josephine
    JOURNAL OF MANAGEMENT INFORMATION SYSTEMS, 2016, 33 (02) : 597 - 620
  • [28] Perverse Effects in Defense of Computer Systems: When More Is Less
    Wolff, Josephine
    PROCEEDINGS OF THE 49TH ANNUAL HAWAII INTERNATIONAL CONFERENCE ON SYSTEM SCIENCES (HICSS 2016), 2016, : 4823 - 4831
  • [29] User behavior on an interactive computer system
    Boies, SJ
    IBM SYSTEMS JOURNAL, 1999, 38 (2-3) : 162 - 179
  • [30] The instrumentalised user: human, computer, system
    Kushner, Scott
    INTERNET HISTORIES, 2021, 5 (02): : 154 - 170
12345