A Supervisory Control Approach to Dynamic Cyber-Security
Mohammad Rasouli, Erik Miehling, Demosthenis Teneketzis

TL;DR
This paper presents a supervisory control framework for dynamic cyber-security, modeling network defense as a discrete event system and deriving optimal policies using dynamic programming under imperfect information.
Contribution
It introduces a novel supervisory control approach to model and solve dynamic cyber-security problems with imperfect information and progressive attacks.
Findings
Optimal defense policies depend on system parameters.
The approach effectively captures progressive attack scenarios.
Dynamic programming yields near-optimal strategies within policy constraints.
Abstract
An analytical approach for a dynamic cyber-security problem that captures progressive attacks to a computer network is presented. We formulate the dynamic security problem from the defender's point of view as a supervisory control problem with imperfect information, modeling the computer network's operation by a discrete event system. We consider a min-max performance criterion and use dynamic programming to determine, within a restricted set of policies, an optimal policy for the defender. We study and interpret the behavior of this optimal policy as we vary certain parameters of the supervisory control problem.
Taxonomy
Topics: Network Security and Intrusion Detection · Information and Cyber Security · Security and Verification in Computing
