Logo: University of Southern California

Events Calendar


  • PhD Defense - Aaron Schlenker

    Mon, May 14, 2018 @ 10:00 AM - 12:00 PM

    Thomas Lord Department of Computer Science

    University Calendar


    Title: Game Theoretic Deception and Threat Screening for Cyber Security

    PhD Candidate: Aaron Schlenker

    May 14th
    10am
    SSL 150

    Committee:
    Milind Tambe (Chair)
    Jelena Mirkovic
    Jonathan Gratch
    Muhammed Naveed
    Richard John


    Abstract:

    Protecting an organization's cyber assets from intrusions and breaches due to attacks by malicious actors is an increasingly challenging and complex problem. Companies and organizations who operate enterprise networks deploy various software and tools to protect from these attacks, such as anti-virus software and Intrusion and Detection Systems (IDS), along with dedicated teams of cyber analysts tasked with the general protection of an organization's cyber assets. In order to compromise a network, an adversary must complete the Cyber Kill Chain which is a series of steps outlining the components of a successful cyber breach. During the Cyber Kill Chain, there are numerous opportunities for the network administrator (defender) to intercept the adversary and thwart an attack. In this talk, I will describe how computational game theory can be used to capture the interaction between the adversary and network administrator in cyber security along with two potential applications of game theory to problems faced by the network administrator to optimize the use of their limited security resources. The first application proposes a framework for deceiving cyber adversaries during the reconnaissance phase of an attack and I will describe a model that provides deceptive strategies to the defender that lead to hackers attacking non-critical systems in the defender's network. The Second application corresponds to the prioritization of alerts generated from Intrusion Detection and Prevention systems throughout a network and I will describe a model that accounts for various salient features in cybersecurity alert allocation when determining the best strategies for the network administrator.

    Location: Seaver Science Library (SSL) - 150

    Audiences: Everyone Is Invited

    Contact: Lizsl De Leon

    Add to Google CalendarDownload ICS File for OutlookDownload iCal File

Return to Calendar