Mon, May 14, 2018 @ 10:00 AM - 12:00 PM
Title: Game Theoretic Deception and Threat Screening for Cyber Security
PhD Candidate: Aaron Schlenker
Milind Tambe (Chair)
Protecting an organization's cyber assets from intrusions and breaches due to attacks by malicious actors is an increasingly challenging and complex problem. Companies and organizations who operate enterprise networks deploy various software and tools to protect from these attacks, such as anti-virus software and Intrusion and Detection Systems (IDS), along with dedicated teams of cyber analysts tasked with the general protection of an organization's cyber assets. In order to compromise a network, an adversary must complete the Cyber Kill Chain which is a series of steps outlining the components of a successful cyber breach. During the Cyber Kill Chain, there are numerous opportunities for the network administrator (defender) to intercept the adversary and thwart an attack. In this talk, I will describe how computational game theory can be used to capture the interaction between the adversary and network administrator in cyber security along with two potential applications of game theory to problems faced by the network administrator to optimize the use of their limited security resources. The first application proposes a framework for deceiving cyber adversaries during the reconnaissance phase of an attack and I will describe a model that provides deceptive strategies to the defender that lead to hackers attacking non-critical systems in the defender's network. The Second application corresponds to the prioritization of alerts generated from Intrusion Detection and Prevention systems throughout a network and I will describe a model that accounts for various salient features in cybersecurity alert allocation when determining the best strategies for the network administrator.
Location: Seaver Science Library (SSL) - 150
Audiences: Everyone Is Invited
Contact: Lizsl De Leon