Research Direction Introduction Advisor: Professor Frank, Y.S. Lin Presented by Chi-Hsiang Chan
Agenda • Problem Description • Mathematical Formulation
Problem Description • Network survivability • Collaborative attack • Various defense mechanisms
Defender View • Special Defense Resource • Cost budget • VM IDS signature • Cloud security service • Costless (impact QoS) • VMM local defense • Dynamic topology reconfiguration
Attacker View • Attack Network • Commander • Attacker • Budget • Initial location (insider, outsider) • Capability (how well the attacker uses attack tools) • Goal • Steal confidential information (specific core node) • Service disruption
Per Hop Decision (Attack Event) • Period decision • Early stage • Late stage • Strategy decision by criteria • Compromise -> risk avoidance • Pretend to attack -> risk tolerance • No. of attackers • Choose ideal attackers • Aggressiveness • Attack Energy • Budget • Capability
Time Issue • Attacker • Compromise time • Recovery time • Defender • Signature generation • Reconfiguration impact on QoS
Synergy • Pros • Decrease budget cost of each attacker • e.g. A (budget: 100, capability: 10), B (budget: 200, capability: 5) • Less recovery time • Less compromise time • Cons • Probability of being detected
Agenda • Problem Description • Mathematical Formulation
Mathematical Formulation • Objective • To minimize the maximized service compromise probability • Given • Attacker’s and defender’s total budget • Cost of constructing the topology and defending resources • QoS requirement • To be determined • Attack and defense configuration • Budget spent on each defending mechanism
Assumptions • There are multiple core nodes and services in the network. • Each core node can provide only one specific service. • Each service has a different weight, which is determined by the defender. • There is an SOC with full control of the network. • The defender has complete information about the network and can allocate resources or adopt defense solutions through the SOC. • Commanders have only incomplete information about the network. • Only nodes with VMM-IPS have the local defense function. • Only nodes with VMM-IPS have the signature request function. • Only nodes with a cloud security agent have the cloud security function.
Given Parameters-Attacker 1,5,8 2,6,7, 11,17 4,9,12,16 F1=3 F2=5 F3=2
Degree of Collaborations • Time aspect • vij ↑ => μt ↓, σt ↓ • Cost aspect [Figure: axis label "Time"]
Objective Function IP 1
Math Constraints • Budget constraint • Bnodelink ≥ 0 • Bgeneral ≥ 0 • Bspecial ≥ 0 • Bdefending ≥ 0 (IP 1.1, IP 1.2, IP 1.3, IP 1.4, IP 1.5, IP 1.6)
Math Constraints • Constraints for topology construction • qkl ≥ 0 • g(qkl) ≥ 0 • w × e ≥ 0 (IP 1.7, IP 1.8, IP 1.9, IP 1.10)
Math Constraints • Constraints for general defense resource • nk ≥ 0 • Constraints for cloud security agent • xk = 0 or 1 (IP 1.11, IP 1.12, IP 1.13, IP 1.14)
Math Constraints • Constraints for virtualization • v(lp) ≥ 0 • 0 < lp < kp • Bvirtualization + Bcloudagent ≤ Bspecial • Bnodelink + Bgeneral + Bspecial + Bdefending ≤ B (IP 1.15, IP 1.16, IP 1.17, IP 1.18, IP 1.19)
Verbal Constraints IP 1.20 IP 1.21 IP 1.22 IP 1.23
QoS Constraint QoS Attack Event
Period • N: The total number of nodes in the Defense Networks • F: The total number of nodes that are compromised in the Defense Networks.
No. of Attackers • M: Number of selected candidates • Success Rate (SR) = Risk Avoidance Compromised / Risk Avoidance Attacks