Visible to the public Monitoring, Fusion, and Response for Cyber Resilience - April 2021Conflict Detection Enabled

Submitted by mikeprosise on Fri, 04/09/2021 - 10:15am

PI: William Sanders

Researchers: Michael Rausch

HARD PROBLEM(S) ADDRESSED
This refers to Hard Problems, released November 2012.

Accounting for Human Behavior - Recognizing the influence of human actions on security outcomes, the aim of this project is to make fundamental advances in scientifically-motivated techniques to aid risk assessment for computer security through the development of a general-purpose, easy-to-use formalism that allows for realistic modeling of cyber systems and all human agents that interact with the system, including adversaries, defenders, and users, with the ultimate goal of generating quantitative results that will help system architects make better design decisions.

Our hypothesis is that models that incorporate all human agents who interact with the system will produce insightful metrics. System architects can leverage the results to build more resilient systems that are able to achieve their mission objectives despite attacks. We are particularly interested in performing uncertainty quantification and sensitivity analysis of cyber security models by using specially constructed metamodels to validate cyber security models.

PUBLICATIONS
Papers written as a result of your research from the current quarter only.

None.

KEY HIGHLIGHTS
Each effort should submit one or two specific highlights. Each item should include a paragraph or two along with a citation if available. Write as if for the general reader of IEEE S&P.
The purpose of the highlights is to give our immediate sponsors a body of evidence that the funding they are providing (in the framework of the SoS lablet model) is delivering results that "more than justify" the investment they are making.

There were two main directions we pursued this quarter. First, we investigated whether adaptive sampling could be used to collect higher-quality training data which could be used to build more accurate metamodels for sensitivity analysis and uncertainty quantification. Our adaptive sampling approach was not successful: the metamodels trained using the data collected by the adaptive sampling method were less accurate than the metamodels trained on non-adaptive sampling methods. We may return to adaptive sampling in the future, but we decided to shift our focus to a new direction. The second approach we tried was to determine if the metamodeling approach generalized. As of our last report we had only tried it on two models. We found six more models to use as test cases. We have found that our metamodeling approach works well on these six additional models and thus seems to generalize well. We intend to submit our findings to a conference next quarter.

COMMUNITY ENGAGEMENTS

No community engagements this quarter.

EDUCATIONAL ADVANCES:

None to report.

Groups: