Cyber defense in breadth: Modeling and analysis of integrated defense systems. (April 2018)
- Record Type:
- Journal Article
- Title:
- Cyber defense in breadth: Modeling and analysis of integrated defense systems. (April 2018)
- Main Title:
- Cyber defense in breadth: Modeling and analysis of integrated defense systems
- Authors:
- Cho, Jin-Hee
Ben-Asher, Noam - Other Names:
- Kott Alexander guest-editor.
- Abstract:
- Cybersecurity is one of most critical concerns for any organization, as frequency and severity of cyber attacks constantly increase, resulting in loss of vital assets and/or services. To preserve key security goals such as confidentiality, integrity, and availability, a variety of defense techniques have been introduced. While intrusion detection system (IDS) has played a key role in cybersecurity for a long time, recently new proactive defense techniques, called intrusion prevention techniques, have emerged, aiming to resolve the known IDS limitations. The intrusion prevention techniques have been introduced to control actions of attackers as a proactive defense that can be deployed independently or combined with other defense techniques that have the purpose of achieving "Defense in Breadth." In this work, we develop a probability model using Stochastic Petri Nets that describes an integrated defense system with the defense techniques of both intrusion detection (i.e., IDS) and intrusion prevention (i.e., honeypots and platform migration) and analyze its performance compared to single defense or partially integrated defense approaches. Our result shows that the integrated defense system outperforms the compared approaches by minimizing attack success while maximizing system lifetime (i.e., mean time to security failure). Further, we investigate the effect of the interplay between different defense techniques in terms of the defense cost and attack cost.
- Is Part Of:
- Journal of defense modeling and simulation. Volume 15:Number 2(2018:Apr.)
- Journal:
- Journal of defense modeling and simulation
- Issue:
- Volume 15:Number 2(2018:Apr.)
- Issue Display:
- Volume 15, Issue 2 (2018)
- Year:
- 2018
- Volume:
- 15
- Issue:
- 2
- Issue Sort Value:
- 2018-0015-0002-0000
- Page Start:
- 147
- Page End:
- 160
- Publication Date:
- 2018-04
- Subjects:
- Defense in breadth -- integrated defense systems -- moving target defense -- deception -- intrusion detection -- intrusion prevention -- attack -- defense -- mean time to security failure
Military art and science -- Computer simulation -- Periodicals
355.0011305 - Journal URLs:
- http://dms.sagepub.com/ ↗
http://www.uk.sagepub.com ↗ - DOI:
- 10.1177/1548512917699725 ↗
- Languages:
- English
- ISSNs:
- 1548-5129
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 8028.xml