The Presentation of an Active Cyber Defense Model for Application in Cyber Deception Technology

Document Type : Original Article

Authors

1 Assistant Professor, Malek Ashtar University of Technology, Tehran, Iran

2 Master student, Malek Ashtar University of Technology, Tehran, Iran

Abstract

In recent years, the violation of the privacy of information and communication networks, which are more commonly known as cyber-attacks, has been increasing exponentially. These network breaches range from direct attacks on government infrastructure to populist activism and theft. This trend has increased the social and political awareness of users. The active cyber defense is a mechanism to protect computer devices, networks and digital devices against cyber-attacks and destructive intrusions. The function of active cyber defense is to actively seek to infiltrate or engage with the perpetrators of cyber incidents. The reaction of the defenders has always caused an imbalance between their activities and the attackers. Attackers have always used the network as a platform to strengthen their attacks to increase the intensity of attacks. In this study, we have used the Markov model to model and show the inherent difference in the performance of users and network intruders, with the distinction that the proposed model is different from the automatic patch and Moran trend and is more similar to the voter model. The proposed dynamic system model is based on the field average approximation, which purposefully determines the performance of active cyber defense. The imbalance between defenders and attackers in this proposed model is eliminated and according to the proposed dynamics and network conditions, we have provided a platform for the interaction of defenders and attackers to examine the performance of power functions in different situations. In the simulations, the performance of attackers and defenders is examined and according to the results obtained in the diagrams mentioned in the final part of the article, it is shown how to use the active cyber defense at the right time so that we can use this defensive approach in the right situation .

Keywords


[1]   K. M. Aghaei, S. Farshchi, en H. Shirazi, “A new architecture for impact projection of cyber-attacks based on high level information fusion in cyber command and control”, 2015.
[2] D. Aitel, “Nematodes--beneficial worms”, Black Hat Federal, vol 33, bll 39–44, 2006. [3] N. Weaver and D. Ellis, “White worms don’t work,” ;login: The USENIX Magazine, vol. 31, no. 6, pp. 33–38, 2006.
[3] Q. Zhang, C. Zhou, N. Xiong, Y. Qin, X. Li, en S. Huang, “Multimodel-based incident prediction and risk assessment in dynamic cybersecurity protection for industrial control systems”, IEEE Transactions on Systems, Man, and Cybernetics: Systems, vol 46, no 10, bll 1429–1444, 2015.
[4] J. Aycock en A. Maurushat, “‘ Good’ worms and human rights”, Acm Sigcas Computers and Society, vol 38, no 1, bll 28–39, 2008. [5] H. Lin, “Lifting the veil on cyber offense,” IEEE Security & Privacy, vol. 7, no. 4, pp. 15–21, 2009.
[5] S. Xu, “Emergent behavior in cybersecurity”, in Proceedings of the 2014 Symposium and Bootcamp on the Science of Security, 2014, bll 1–2.
[6]  W. Matthews, “Us said to need stronger, active cyber defenses”. 2010.
[7]  J. P. Kesan en C. M. Hayes, “Mitigative counterstriking: Self-defense and deterrence in cyberspace”, Harv. JL & Tech., vol 25, bl 429, 2011.
[8]  H. S. N. Wire, “Active cyber-defense strategy best deterrent against cyber-attacks”. 2011.
[9]  W. Lu, S. Xu, en X. Yi, “Optimizing active cyber defense”, in International Conference on Decision and Game Theory for Security, 2013, bll 206–225.
[10]  L. Shaughnessy, “The internet: Frontline of the next war”. 2011.
[11]  J. Wolf, “Update 2-us says will boost its cyber arsenal”. 2011.
[12]  R. Albert, H. Jeong, en A.-L. Barabási, “Error and attack tolerance of complex networks”, nature, vol 406, no 6794, bll 378–382, 2000.
[13]  Y. Wang, D. Chakrabarti, C. Wang, en C. Faloutsos, “Epidemic spreading in real networks: An eigenvalue viewpoint”, in 22nd International Symposium on Reliable Distributed Systems, 2003. Proceedings., 2003, bll 25–34. [14]   A. Ganesh, L. Massoulié, en D. Towsley, “The effect of network topology on the spread of epidemics”, in Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies., 2005, vol 2, bll 1455–1466.
[15]   N. Berger, C. Borgs, J. T. Chayes, en A. Saberi, “On the spread of viruses on the internet”, 2005.
[16]   D. Chakrabarti, Y. Wang, C. Wang, J. Leskovec, en C. Faloutsos, “Epidemic thresholds in real networks”, ACM Transactions on Information and System Security (TISSEC), vol 10, no 4, bll 1–26, 2008.
[17]   P. Van Mieghem, J. Omic, en R. Kooij, “Virus spread in networks”, IEEE/ACM Transactions On Networking, vol 17, no 1, bll 1–14, 2008.
[18]   S. Chatterjee en R. Durrett, “Contact processes on random graphs with power law degree distributions have critical value 0”, The Annals of Probability, vol 37, no 6, bll 2332–2356, 2009.
[19]   F. Ball, D. Sirl, en P. Trapman, “Threshold behaviour and final outcome of an epidemic on a random network with household structure”, Advances in Applied Probability, vol 41, no 3, bll 765–796, 2009.
[20]  F. Ball, D. Sirl, en P. Trapman, “Analysis of a stochastic SIR epidemic on a random network incorporating household structure”, Mathematical Biosciences, vol 224, no 2, bll 53–73, 2010.
[21]  D. Fava, “Characterization of cyber attacks through variable length markov models”, 2007.
[22]  T. Mountford, J.-C. Mourrat, D. Valesin, en Q. Yao, “Exponential extinction time of the contact process on finite graphs”, Stochastic Processes and their Applications, vol 126, no 7, bll 1974–2013, 2016.
[23]  T. Mountford, D. Valesin, en Q. Yao, “Metastable densities for the contact process on power law random graphs”, Electronic Journal of Probability, vol 18, bll 1–36, 2013.
[24] J. O. Kephart en S. R. White, “Directed-graph epidemiological models of computer viruses”, in Computation: the micro and the macro view, World Scientific, 1992, bll 71–102.
[25]  J. O. Kephart en S. R. White, “Measuring and modeling computer virus prevalence”, in Proceedings 1993 IEEE Computer Society Symposium on Research in Security and Privacy, 1993, bll 2–15.
[26]  A. G. M’Kendrick, “Applications of mathematics to medical problems”, Proceedings of the Edinburgh Mathematical Society, vol 44, bll 98–130, 1925.
[27]  W. O. Kermack en A. G. McKendrick, “A contribution to the mathematical theory of epidemics”, Proceedings of the royal society of london. Series A, Containing papers of a mathematical and physical character, vol 115, no 772, bll 700–721, 1927.
[28]  H. W. Hethcote, “The mathematics of infectious diseases”, SIAM review, vol 42, no 4, bll 599–653, 2000. [29]  R. Durrett, Random graph dynamics, vol 200. Cambridge university press Cambridge, 2007.
[30]  N. Masuda, N. Gibert, en S. Redner, “Heterogeneous voter models”, Physical Review E, vol 82, no 1, bl 010103, 2010.
[31]  E. Pugliese en C. Castellano, “Heterogeneous pair approximation for voter models on networks”, EPL (Europhysics Letters), vol 88, no 5, bl 58004, 2009.
[32]  V. Sood, T. Antal, en S. Redner, “Voter models on heterogeneous networks”, Physical Review E, vol 77, no 4, bl 041121, 2008.
[33]  F. Schweitzer en L. Behera, “Nonlinear voter models: the transition from invasion to coexistence”, The European Physical Journal B, vol 67, no 3, bll 301–318, 2009.
[34]  M. Vojnovic en A. J. Ganesh, “On the race of worms, alerts, and patches”, IEEE/ACM Transactions on Networking, vol 16, no 5, bll 1066–1079, 2008.
[35] P. A. P. Moran en Others, “The statistical processes of evolutionary theory”, The statistical processes of evolutionary theory., 1962.
[36]  M. A. Nowak, Evolutionary dynamics: exploring the equations of life. Harvard university press, 2006.
[37]  R. Pastor-Satorras en A. Vespignani, “Epidemic spreading in scale-free networks”, Physical review letters, vol 86, no 14, bl 3200, 2001.
[38]  T. M. Liggett, Stochastic interacting systems: contact, voter and exclusion processes, vol 324. springer science & Business Media, 2013.
[39]  A.-L. Barabási en R. Albert, “Emergence of scaling in random networks”, science, vol 286, no 5439, bll 509–512, 1999.
[40]  F. Chung, F. R. K. Chung, F. C. Graham, L. Lu, K. F. Chung, en Others, Complex graphs and networks. American Mathematical Soc., 2006.
 
Volume 9, Issue 4 - Serial Number 36
Serial No. 36, Winter Quarterly
February 2022
Pages 125-140
  • Receive Date: 22 August 2021
  • Revise Date: 11 October 2021
  • Accept Date: 13 December 2021
  • Publish Date: 20 February 2022