
Effective Network Planning and Defending Strategies to Minimize Service Compromised Probability under Malicious Collabor

Effective Network Planning and Defending Strategies to Minimize Service Compromised Probability under Malicious Collaborative Attacks. Advisor: Professor Frank, Y.S. Lin. Presented by Chi-Hsiang Chan.


Presentation Transcript


  1. Effective Network Planning and Defending Strategies to Minimize Service Compromised Probability under Malicious Collaborative Attacks Advisor: Professor Frank, Y.S. Lin Presented by Chi-Hsiang Chan

  2. Agenda • Problem Description • Mathematical Formulation

  3. Agenda • Problem Description • Mathematical Formulation

  4. Problem Description • Network Survivability • Collaborative attack • Commander • Attacker group • Various defense mechanisms • VMM IDS • Dynamic topology reconfiguration • Cloud security service

  5. Attacker View • Commander • Budget • No. of attackers (attacker group) • Goal (service disruption, steal information) • Aggressiveness • Attacker • Energy • Capability • Harmonization • Initial location

  6. Per Hop Decision (Attack Event) • Period decision • Early stage • Late stage • Choose target nodes • Compromise -> risk avoidance • Pretend to attack -> risk tolerance • Choose ideal attackers

  7. Period • N: The total number of nodes in the defense network • F: The total number of nodes visible to the attacker, including compromised nodes and next-hop nodes.

  8. Period

  9. No. of Target Nodes • M: Number of candidates to compromise • Success Rate (SR) = Risk Avoidance Compromised / Risk Avoidance Attacks • Target nodes ≤ No. of attackers that can launch an attack

  10. Selecting Criteria

  11. Selecting Criteria • Early stage • Late stage • Risk Avoidance • Risk Tolerance

  12. Selecting Criteria

  13. Choose ideal attackers • No. of attackers • Collaborative attack on the nodes that have a higher score • Risk tolerance -> do not attack collaboratively • Who launches the attack • Set an energy threshold to define risk avoidance and risk tolerance

  14. Example • Choose to attack collaboratively: 70 • Choose to attack: 50

  15. Attacker View • Attack • Given • Commander's goal (steal information, service disruption) • Commander's budget • Number of attackers • Attacker's capability, initial location, harmonization • To be determined • Budget for buying attacking tools and launching attacks • Attack event (attack one node) • Given • Attackers' energy • To be determined • Commander's aggressiveness • Which attacker launches the attack • Which node is attacked • Cost of attacking • Collaborative attack or not • Maximum time threshold for compromising a target node

  16. Defender View • Attack • Given • Unit cost of constructing topology and defense mechanisms • Service priority • To be determined • Topology and initial defense resource allocation • Budget for constructing topology and defense resources • Attack event • Given • General defense resources and special defense resources on each node • To be determined • Activating special defense mechanisms or not

  17. Compromise One Node • [Figure: diagram with labels Harmonization, vij, T and Aggressiveness]

  18. Agenda • Problem Description • Mathematical Formulation

  19. Mathematical Formulation • Objective • To minimize the maximized service compromised probability • Given • Attacker's and defender's total budget • Cost of constructing topology and defending resources • QoS requirement • To be determined • Attack and defense configuration • Budget spent on each defending mechanism

  20. Assumptions • All attack events are atomic operations. • There are multiple core nodes and services in the network. • Each core node can provide only one specific service. • Each service has a different weight, which is determined by the defender. • There is an SOC with full control of the network. • The defender has complete information about the network and can allocate resources or adopt defense solutions through the SOC. • Commanders have only incomplete information about the network. • Only nodes with VMM-IPS have a local defense function. • Only nodes with VMM-IPS have a signature request function. • Only nodes with a cloud security agent have a cloud security function.

  21. Given Parameters-Index Set

  22. Given Parameters-Cost

  23. Given Parameters-Attacker

  24. Given Parameters-QoS, Risk Level

  25. Given Parameters • The degree of collaboration of the attack group launching the jth attack on service i, which affects the effectiveness of synergy, where i ∈ S, 1 ≤ j ≤ Fi

  26. Decision Variables

  27. Decision Variables

  28. Decision Variables

  29. Verbal Notation-QoS

  30. Verbal Notation-Risk Level

  31. Objective Function (IP 1)

  32. Math Constraints • Budget constraint • Bnodelink ≥ 0 • Bgeneral ≥ 0 • Bspecial ≥ 0 • Bdefending ≥ 0 (IP 1.1) (IP 1.2) (IP 1.3) (IP 1.4) (IP 1.5) (IP 1.6)

  33. Math Constraints • Constraints for topology construction • qkl ≥ 0 • g(qkl) ≥ 0 • w × e ≥ 0 (IP 1.7) (IP 1.8) (IP 1.9) (IP 1.10)

  34. Math Constraints • Constraints for general defense resource • nk ≥ 0 • Constraints for cloud security agent • xk = 0 or 1 (IP 1.11) (IP 1.12) (IP 1.13) (IP 1.14)

  35. Math Constraints • Constraints for virtualization • v(lp) ≥ 0 • 0 < lp < kp • Bvirtualization + Bcloudagent ≤ Bspecial • Bnodelink + Bgeneral + Bspecial + Bdefending ≤ B (IP 1.15) (IP 1.16) (IP 1.17) (IP 1.18) (IP 1.19)

  36. Verbal Constraints (IP 1.20) (IP 1.21) (IP 1.22) (IP 1.23)

  37. Thanks for Your Listening
