Extending anticipation games with location penalty and timelineExtending anticipation games with location penalty and timeline
  1. publications
  2. network security

Extending anticipation games with location penalty and timeline

Available Media

Publication (Pdf)

Slides (pdf)

ConferenceRevised Selected Papers of the 5th International Workshop on Formal Aspects in Security and Trust
AuthorElie Bursztein
Citation

Bibtex Citation

@inproceedings{ BURSZTEIN2008EXTENDING,title = {Extending anticipation games with location penalty and timeline},author = {"Elie, Bursztein"},booktitle = {Revised Selected Papers of the 5th International Workshop on Formal Aspects in Security and Trust},year = {2008},organization = {IEEE}}

Over the last few years, attack graphs have became a well recognized tool to analyze and model complex network attack. The most advanced evolution of attack graphs, called anticipation games, is based on game theory. However even if anticipation games allow to model time, collateral effects and player interactions with the network, there is still key aspects of the network security that cannot be modeled in this framework. Theses aspects are network cooperation to fight unknown attack, the cost of attack based on its duration and the introduction of new attack over the time. In this paper we address these needs, by introducing a three-fold extension to anticipation games. We prove that this extension does not change the complexity of the framework. We illustrate the usefulness of this extension by presenting how it can be used to find a defense strategy against 0 days that use an honey net. Finally, we have implemented this extension into a prototype, to show that it can be used to analyze large networks security.

Recent

newsletter signup slide

Get cutting edge research directly in your inbox.

newsletter signup slide

Get cutting edge research directly in your inbox.