Optimal Defense Strategy Against Intentional Attacks IEEE TRANSACTIONS ON RELIABILITY, VOL. 56, NO. 1, MARCH 2007 Instructor: Professor Frank Y.S. Lin Presented by Guan-Wei Chen 陳冠瑋
Outline • Introduction • Model • Defense Strategy Optimization Problems • Evaluating the pmd of System Performance • Optimization Technique • Illustrative Examples • Conclusions and my work OPLAB IM NTU
Introduction • Intentional attacks vs. accidents • The attacker always has an advantage over the defender • The defender’s optimal policy should take into account the attacker’s strategy • Attackers maximize either the success probability of an attack or the expected damage
Introduction • A survivable system is one that can “complete its mission in a timely manner, even if significant portions are incapacitated by attack or accident” • External factors (attacks) and internal causes (failures) • Each state can be characterized by a system performance rate, which is the quantitative measure of a system’s ability to perform its task
Introduction • Defense strategy presumes separation and protection of system elements • Attackers maximize the expected damage of attacks • Using a universal generating function technique for evaluating the losses • Genetic algorithm for optimal strategy
Outline • Introduction • Model • Defense Strategy Optimization Problems • Evaluating the pmd of System Performance • Optimization Technique • Illustrative Examples • Conclusions
Model - Nomenclature [Figure: component n, protected group m, elements]
Model - The probabilistic distribution of system performance • For any given attacker’s α, and defender’s β, γ • A function of losses associated with the system performance reduction below the demand W
Model - The loss cost • The expected cost of these losses • When the losses are proportional to the unsupplied demand
Model - The loss cost • The system totally fails when its performance becomes lower than the demand • For variable demand with pmf
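Model - The total expected damage [Annotations: probability of a successful attack; losses incurred when the performance does not meet the required demand; inherent value of the elements within the PG; inherent value of the PG]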
Outline • Introduction • Model • Defense Strategy Optimization Problems • Single attack • Multiple attack • Evaluating the pmd of System Performance • Optimization Technique • Illustrative Examples • Conclusions
Defense Strategy Optimization Problems • Minimize the expected damage and total defense investment cost • for constrained case • for unconstrained case [Annotations: total defense investment cost; expected damage]
Defense Strategy Optimization Problems - Single Attack • A single attack is realistic because of limited resources • The attacker being detected and disabled • The attacks on different PGs are mutually exclusive events
Defense Strategy Optimization Problems - Single Attack (1) • The attacker has perfect knowledge of the system and its defenses • Attacker’s strategy: • Optimal defender’s strategies:
Defense Strategy Optimization Problems - Single Attack (2) • The attacker has perfect knowledge of the system but does not know its defenses • Attacker’s strategy: • Optimal defender’s strategies:
Defense Strategy Optimization Problems - Single Attack (3) • The attacker has no information and cannot direct the attack precisely (low-precision missile attack) • Targets are chosen at random
Defense Strategy Optimization Problems - Single Attack (3) • Imperfect knowledge • Attacker’s strategy: • Optimal defender’s strategies:
Defense Strategy Optimization Problems - Multiple Attacks • Several targets can be attacked • The worst case is unlimited attacker’s resources • Any target is attacked with probability 1 • When the attacker’s budget is limited, the most effective attack strategy:
Defense Strategy Optimization Problems - Multiple Attacks • Under imperfect information, the attack probability can be positively or negatively correlated with the damage • Different attacks are not mutually exclusive • The optimal defense strategy:
Outline • Introduction • Model • Defense Strategy Optimization Problems • Evaluating the pmd of System Performance • Universal Generating Function Technique • Incorporating PG Destruction Probability • Optimization Technique • Illustrative Examples • Conclusions
Evaluating the pmd of System Performance • Goal: develop an algorithm for evaluating the expected damage D(α, β, γ) • The system performance distribution can be obtained using the universal generating function (u-function)
Evaluating the pmd of System Performance - Universal Generating Function • The pmf of a discrete random variable Y is defined as a polynomial • A function of two independent random variables, φ(Y, T)
Evaluating the pmd of System Performance - Universal Generating Function • The composition function φ depends on the type of connection between the elements, and on the type of the system • a pair of elements connected in parallel • a pair of elements connected in series
Evaluating the pmd of System Performance - In our case • The u-functions can represent performance distributions of individual system elements, and their groups • Element k of component n has two states • Nominal performance (probability ) • Total failure performance (probability ) η [Annotation: performance, viewed at the element level]
Evaluating the pmd of System Performance - Recursive procedure 1 • The entire system performance can be obtained as follows:
1. Find any pair of system elements connected in parallel, or in series.
2. Obtain the u-function of this pair using the corresponding composition operator over two u-functions of the elements, where the function is determined by the nature of the interaction between elements’ performances.
3. Replace the pair with a single element having the u-function obtained in step 2.
4. If the system contains more than one element, return to step 1.
Evaluating the pmd of System Performance - Incorporating PG Destruction Probability • The u-function represents the cumulative performance of a PG that is not destroyed • Protection of type β • Probability of being destroyed • Probability of working normally • The component u-function is [Annotations: the component performance; probability that the attack fails; probability that the attack succeeds]
Evaluating the pmd of System Performance - Procedure 2 [Annotations: compute the performance of each PG from the elements it contains; compute the system performance from the components made up of PGs]
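The two procedures above, carried through as an added example (not code from the paper or the slides): u-functions are held as performance-to-probability maps, PG destruction is folded in, and the loss proportional to unsupplied demand is evaluated with W = 120 and ε = 85 from the slides. Assumptions: performance is a capacity (parallel elements add, a series connection takes the minimum), every PG is attacked with probability 1 so its destruction probability equals its vulnerability v, and the element data are constructed.

```python
from itertools import product

def compose(u1, u2, phi):
    """Composition operator: u-function of phi(G1, G2) for independent G1, G2."""
    out = {}
    for (g1, p1), (g2, p2) in product(u1.items(), u2.items()):
        g = phi(g1, g2)
        out[g] = out.get(g, 0.0) + p1 * p2   # collect like terms z^g
    return out

def parallel(u1, u2):
    return compose(u1, u2, lambda a, b: a + b)   # assumed: capacities add

def series(u1, u2):
    return compose(u1, u2, min)                  # assumed: bottleneck limits flow

def element(nominal, availability):
    """Two-state element: nominal performance or total failure (0)."""
    return {nominal: availability, 0: 1.0 - availability}

def protected_group(elements, v):
    """Parallel elements sharing one PG that is destroyed with probability v."""
    u = {0: 1.0}                                 # neutral u-function for a sum
    for e in elements:
        u = parallel(u, e)
    out = {g: p * (1.0 - v) for g, p in u.items()}   # PG survives the attack
    out[0] = out.get(0, 0.0) + v                     # PG destroyed: performance 0
    return out

def expected_loss(u, demand, unit_cost):
    """Losses proportional to the unsupplied demand."""
    return unit_cost * sum(p * max(demand - g, 0) for g, p in u.items())

def substation(separated, v):
    """Constructed two-component series system (not the paper's data)."""
    e = element(80, 0.9)
    if separated:    # each element in its own PG
        a = parallel(protected_group([e], v), protected_group([e], v))
    else:            # both elements in one PG
        a = protected_group([e, e], v)
    b = protected_group([element(150, 0.95)], v)
    return series(a, b)

if __name__ == "__main__":
    W, EPS = 120, 85     # demand and unit loss cost from the slides
    for sep in (False, True):
        print(sep, round(expected_loss(substation(sep, 0.2), W, EPS), 4))
```

With v = 0.2, separating the two elements of the first component lowers the expected loss because one destroyed PG no longer takes out both elements.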
Optimization Technique • Exhaustive examination of all possible solutions is infeasible • In most combinatorial optimization problems, the quality of a given solution is the only information available • A heuristic search algorithm is needed which uses estimates of solution quality
Optimization Technique • Meta-heuristics: Genetic Algorithm, Simulated Annealing, Tabu Search, Threshold Accepting • The defense strategy β, γ can be represented by a concatenation of integer strings [Annotations: distribution of the elements among the PGs; protection type chosen for each PG]
Optimization Technique - GA implementation • An initial population of randomly constructed solutions (strings) is generated • New solutions are obtained by using crossover and mutation operators • This procedure avoids premature convergence to a local optimum, and facilitates jumps in the solution space.
Optimization Technique - GA implementation • Each new solution is decoded, and its objective function (fitness) values are estimated • The fitness values are a measure of quality, and are used to compare different solutions • The comparison is accomplished by a selection procedure that determines which solution is better
The series-parallel system (power substation) • Five components: • Power transformers • Capacitor banks • Input high voltage line sections • Output medium voltage line sections • Blocks of commutation equipment • Within each component, the elements can be separated in an arbitrary way, and protected
Illustrative Examples - Characteristics of system elements
Illustrative Examples - power substation [Annotations: five electrical components; system vulnerability; individual protection cost of each element; protection type]
Illustrative Examples - power substation • The system demand is constant, W = 120 • The cost is proportional to the unsupplied demand with ε = 85 • Three cases are discussed: • single attack with perfect attacker’s knowledge • single attack without perfect knowledge • multiple attacks with unlimited attacker’s resources
Illustrative Examples - Single without knowledge • Separation is very effective against single attacks because it reduces the damage caused • Total separation is used for a minimal defense budget
Illustrative Examples - Single with knowledge • Find the most attractive PG to attack: The same PG with protection of type 1
Illustrative Examples - unlimited multiple attack • All the PGs can be attacked simultaneously • The protection plays a more important role than the separation
Illustrative Examples • The demand is relatively small, and the separation is efficient • The demand is close to the maximal possible system performance
Illustrative Examples • The investment-effect relationship provides important information to decision makers • Knowing how the increase of the defense budget can reduce the expected damage (Budget = 125, Damage = 4266.9)
Conclusions • Aimed at developing the optimal defense strategy under different: • conditions of the system functioning • scenarios of the attacker’s behavior • The universal generating function technique is used for evaluating the expected damage D • Optimization meta-heuristics are used for solving complex optimization problems