Optimizing network microsegmentation policy for cyber resilience. (January 2023)

Record Type:: Journal Article
Title:: Optimizing network microsegmentation policy for cyber resilience. (January 2023)
Main Title:: Optimizing network microsegmentation policy for cyber resilience
Authors:: Noel, Steven
Swarup, Vipin
Johnsgard, Karin
Other Names:: Bagrodia Rajive guest-editor.
Abstract:: This paper describes an approach for improving cyber resilience through the synthesis of optimal microsegmentation policy for a network. By leveraging microsegmentation security architecture, we can reason about fine-grained policy rules that enforce access for given combinations of source address, destination address, destination port, and protocol. Our approach determines microsegmentation policy rules that limit adversarial movement within a network according to assumed attack scenarios and mission availability needs. For this problem, we formulate a novel optimization objective function that balances cyberattack risks against accessibility to critical network resources. Given the application of a particular set of policy rules as a candidate optimal solution, this objective function estimates the adversary effort for carrying out a particular attack scenario, which it balances against the extent to which the solution restricts access to mission-critical services. We then apply artificial intelligence techniques (evolutionary programming) to learn microsegmentation policy rules that optimize this objective function.
Is Part Of:: Journal of defense modeling and simulation. Volume 20:Number 1(2023)
Journal:: Journal of defense modeling and simulation
Issue:: Volume 20:Number 1(2023)
Issue Display:: Volume 20, Issue 1 (2023)
Year:: 2023
Volume:: 20
Issue:: 1
Issue Sort Value:: 2023-0020-0001-0000
Page Start:: 57
Page End:: 79
Publication Date:: 2023-01
Subjects:: Security policy optimization -- attack graphs -- genetic algorithms
Military art and science -- Computer simulation -- Periodicals
355.0011305
Journal URLs:: http://dms.sagepub.com/ ↗
http://www.uk.sagepub.com ↗
DOI:: 10.1177/15485129211051386 ↗
Languages:: English
ISSNs:: 1548-5129
Deposit Type:: Legaldeposit
View Content:: Available online (eLD content is only available in our Reading Rooms) ↗
Physical Locations:: British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
Ingest File:: 24758.xml