Automated Design of Network Security Metrics

Title: Automated Design of Network Security Metrics
Publication Type: Conference Paper
Year of Publication: 2018
Authors: Pope, Aaron Scott; Morning, Robert; Tauritz, Daniel R.; Kent, Alexander D.
Conference Name: Proceedings of the Genetic and Evolutionary Computation Conference Companion
Publisher: ACM
Conference Location: New York, NY, USA
ISBN Number: 978-1-4503-5764-7
Keywords: genetic programming, Metrics, Network security, predictive security metrics, pubcrawl, security metrics
Abstract

Many abstract security measurements are based on characteristics of a graph that represents the network. These are typically simple and quick to compute but are often of little practical use in making real-world predictions. Practical network security is often measured using simulation or real-world exercises. These approaches better represent realistic outcomes but can be costly and time-consuming. This work aims to combine the strengths of these two approaches, developing efficient heuristics that accurately predict attack success. Hyper-heuristic machine learning techniques, trained on network attack simulation training data, are used to produce novel graph-based security metrics. These low-cost metrics serve as an approximation for simulation when measuring network security in real time. The approach is tested and verified using a simulation based on activity from an actual large enterprise network. The results demonstrate the potential of using hyper-heuristic techniques to rapidly evolve and react to emerging cybersecurity threats.

URL: http://doi.acm.org/10.1145/3205651.3208266
DOI: 10.1145/3205651.3208266
Citation Key: pope_automated_2018