Automated Design of Network Security Metrics
Title | Automated Design of Network Security Metrics |
Publication Type | Conference Paper |
Year of Publication | 2018 |
Authors | Pope, Aaron Scott, Morning, Robert, Tauritz, Daniel R., Kent, Alexander D. |
Conference Name | Proceedings of the Genetic and Evolutionary Computation Conference Companion |
Publisher | ACM |
Conference Location | New York, NY, USA |
ISBN Number | 978-1-4503-5764-7 |
Keywords | genetic programming, Metrics, Network security, predictive security metrics, pubcrawl, security metrics |
Abstract | Many abstract security measurements are based on characteristics of a graph that represents the network. These are typically simple and quick to compute but are often of little practical use in making real-world predictions. Practical network security is often measured using simulation or real-world exercises. These approaches better represent realistic outcomes but can be costly and time-consuming. This work aims to combine the strengths of these two approaches, developing efficient heuristics that accurately predict attack success. Hyper-heuristic machine learning techniques, trained on network attack simulation training data, are used to produce novel graph-based security metrics. These low-cost metrics serve as an approximation for simulation when measuring network security in real time. The approach is tested and verified using a simulation based on activity from an actual large enterprise network. The results demonstrate the potential of using hyper-heuristic techniques to rapidly evolve and react to emerging cybersecurity threats. |
URL | http://doi.acm.org/10.1145/3205651.3208266 |
DOI | 10.1145/3205651.3208266 |
Citation Key | pope_automated_2018 |