Evaluating Moving Target Defense with PLADD

Jones, Stephen T.; Outkin, Alexander V.; Gearhart, Jared Lee; Hobbs, Jacob Aaron; Siirola, John Daniel; Phillips, Cynthia A.; Verzi, Stephen Joseph; Tauritz, Daniel; Mulder, Samuel A.; Naugle, Asmeret Bier

doi:10.2172/1222986

Title: Evaluating Moving Target Defense with PLADD

Technical Report · Tue Sep 15 00:00:00 EDT 2015

DOI:https://doi.org/10.2172/1222986· OSTI ID:1222986

Jones, Stephen T. ^[1]; Outkin, Alexander V. ^[1]; Gearhart, Jared Lee ^[1]; Hobbs, Jacob Aaron ^[1]; Siirola, John Daniel ^[1]; Phillips, Cynthia A. ^[1]; Verzi, Stephen Joseph ^[1]; Tauritz, Daniel ^[1]; Mulder, Samuel A. ^[1]; Naugle, Asmeret Bier ^[1]

Sandia National Laboratories (SNL-NM), Albuquerque, NM (United States)

This project evaluates the effectiveness of moving target defense (MTD) techniques using a new game we have designed, called PLADD, inspired by the game FlipIt [28]. PLADD extends FlipIt by incorporating what we believe are key MTD concepts. We have analyzed PLADD and proven the existence of a defender strategy that pushes a rational attacker out of the game, demonstrated how limited the strategies available to an attacker are in PLADD, and derived analytic expressions for the expected utility of the game’s players in multiple game variants. We have created an algorithm for finding a defender’s optimal PLADD strategy. We show that in the special case of achieving deterrence in PLADD, MTD is not always cost effective and that its optimal deployment may shift abruptly from not using MTD at all to using it as aggressively as possible. We believe our effort provides basic, fundamental insights into the use of MTD, but conclude that a truly practical analysis requires model selection and calibration based on real scenarios and empirical data. We propose several avenues for further inquiry, including (1) agents with adaptive capabilities more reflective of real world adversaries, (2) the presence of multiple, heterogeneous adversaries, (3) computational game theory-based approaches such as coevolution to allow scaling to the real world beyond the limitations of analytical analysis and classical game theory, (4) mapping the game to real-world scenarios, (5) taking player risk into account when designing a strategy (in addition to expected payoff), (6) improving our understanding of the dynamic nature of MTD-inspired games by using a martingale representation, defensive forecasting, and techniques from signal processing, and (7) using adversarial games to develop inherently resilient cyber systems.

View Technical Report

Cite

Export

Save

Research Organization:: Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)

Sponsoring Organization:: USDOE Office of Defense Programs (DP)

DOE Contract Number:: AC04-94AL85000

OSTI ID:: 1222986

Report Number(s):: SAND2015-8432R; 607305

Country of Publication:: United States

Language:: English

Similar Records

Cyber risk assessment and investment optimization using game theory and ML-based anomaly detection and mitigation for wide-area control in smart grids

Other · Mon Aug 01 00:00:00 EDT 2022 · OSTI ID:1222986

Hyder, Burhan

Automated Adversary-in-the-Loop Cyber-Physical Defense Planning

Journal Article · Thu Jul 13 00:00:00 EDT 2023 · ACM Transactions on Cyber-Physical Systems · OSTI ID:1222986

Banik, Sandeep; Ramachandran, Thiagarajan; Bhattacharya, Arnab; +1 more

Cyber Threat Screening Using a Queuing-Based Game-Theoretic Approach

Journal Article · Mon Dec 02 00:00:00 EST 2019 · Journal of Information Warfare · OSTI ID:1222986

Bhattacharya, Arnab; Bopardikar, Shaunak; Chatterjee, Samrat; +1 more

Title: Evaluating Moving Target Defense with PLADD

Citation Formats

Similar Records

Related Subjects