Optimal Network Security Hardening Using Attack Graph Games
Karel Durkota, Viliam Lisy, Branislav Bosansky, and Christopher Kiekintveld
In IJCAI International Joint Conference on Artificial Intelligence. 2015.
This is the author's version of the work.
Download
Abstract
Preventing attacks in a computer network is the
core problem in network security. We introduce
a new game-theoretic model of the interaction between
a network administrator who uses limited resource
to harden a network and an attacker who follows
a multi-stage plan to attack the network. The
possible plans of the attacker are compactly represented
using attack graphs, while the defender adds
fake targets (honeypots) to the network to deceive
the attacker. The compact representation of the attacker’s
strategies presents a computational challenge
and finding the best response of the attacker
is NP-hard. We present a solution method that first
translates an attack graph into an MDP and solves
it using policy search with a set of pruning techniques.
We present an empirical evaluation of the
model and solution algorithms, evaluating scalability,
the types of solutions that are generated for realistic
cases, and sensitivity analysis.
