Using POMDP-based Approach to Address Uncertainty-Aware Adaptation for Self-Protecting Software

TL;DR

This paper introduces a POMDP-based method for self-adaptive Moving Target Defense in cybersecurity, effectively managing uncertainties in environment and model parameters to enhance system resilience.

Contribution

It presents a novel uncertainty-aware, self-adaptive MTD decision engine using POMDP and Bayesian learning, addressing limitations of existing solutions.

Findings

Preliminary results show improved handling of environmental variability.

The approach demonstrates potential for more effective cyber defense strategies.

Challenges in implementation highlight areas for future research.

Abstract

The threats posed by evolving cyberattacks have led to increased research related to software systems that can self-protect. One topic in this domain is Moving Target Defense (MTD), which changes software characteristics in the protected system to make it harder for attackers to exploit vulnerabilities. However, MTD implementation and deployment are often impacted by run-time uncertainties, and existing MTD decision-making solutions have neglected uncertainty in model parameters and lack self-adaptation. This paper aims to address this gap by proposing an approach for an uncertainty-aware and self-adaptive MTD decision engine based on Partially Observable Markov Decision Process and Bayesian Learning techniques. The proposed approach considers uncertainty in both state and model parameters; thus, it has the potential to better capture environmental variability and improve defense strategies. A preliminary study is presented to highlight the potential effectiveness and challenges of the proposed approach.