Visible to the public Monitoring, Fusion, and Response for Cyber Resilience - October 2020Conflict Detection Enabled

Submitted by mikeprosise on Fri, 10/09/2020 - 2:04pm

PI: William Sanders

Researchers: Michael Rausch

Special Note: The researchers who previously worked on this project (Mohammad Noureddine, Uttam Thakore, and Ben Ujcich) graduated and are no longer working on the project. Michael Rausch started working on this project this quarter. He had previously worked on the project titled "A Human-Agent-Focused Approach to Security Modeling.

HARD PROBLEM(S) ADDRESSED
This refers to Hard Problems, released November 2012.

  • HARD PROBLEM(S) ADDRESSED

    Accounting for Human Behavior - Recognizing the influence of human actions on security outcomes, the aim of this project is to make fundamental advances in scientifically-motivated techniques to aid risk assessment for computer security through the development of a general-purpose, easy-to-use formalism that allows for realistic modeling of cyber systems and all human agents that interact with the system, including adversaries, defenders, and users, with the ultimate goal of generating quantitative results that will help system architects make better design decisions.

    Our hypothesis is that models that incorporate all human agents who interact with the system will produce insightful metrics. System architects can leverage the results to build more resilient systems that are able to achieve their mission objectives despite attacks. We are particularly interested in performing uncertainty quantification and sensitivity analysis of cyber security models by using specially constructed metamodels to validate cyber security models.

PUBLICATIONS
Papers written as a result of your research from the current quarter only.

  1. M. Rausch and W.H. Sanders. Sensitivity Analysis and Uncertainty Quantification of State-Based Discrete-Event Simulation Models through a Stacked Ensemble of Metamodels. Proceedings of the Quantitative Evaluation of SysTems (QEST), 2020. Winner of Best Paper Award.

KEY HIGHLIGHTS
Each effort should submit one or two specific highlights. Each item should include a paragraph or two along with a citation if available. Write as if for the general reader of IEEE S&P.
The purpose of the highlights is to give our immediate sponsors a body of evidence that the funding they are providing (in the framework of the SoS lablet model) is delivering results that "more than justify" the investment they are making.

Our work on using metamodels to indirectly perform sensitivity analysis and uncertainty quantification on complex and long-running cyber security models won a Best Paper Award at QEST 2020. Using our work, sensitivity analysis and uncertainty quantification can be accomplished thousands of times faster than using traditional methods, and with more accuracy than competing metamodeling approaches. The work we did should make it easier to validate the performance of the cyber security models and allow modelers to gain confidence in the model results.

COMMUNITY ENGAGEMENTS

No community engagements this quarter.

EDUCATIONAL ADVANCES:

None to report.

Groups: