Please use this identifier to cite or link to this item: http://hdl.handle.net/10125/71461

The use of partially observable Markov decision processes to optimally implement moving target defense

File Size Format  
0683.pdf 464.2 kB Adobe PDF View/Open

Item Summary

Title:The use of partially observable Markov decision processes to optimally implement moving target defense
Authors:Mcabee, Ashley
Tummala, Murali
Mceachen, John
Keywords:Cybersecurity and Software Assurance
cybersecurity
markov models
moving target
Date Issued:05 Jan 2021
Abstract:For moving target defense (MTD) to shift advantage away from cyber attackers, we need techniques which render systems unpredictable but still manageable. We formulate a partially observable Markov decision process (POMDP) which facilitates optimized MTD capable of thwarting cyber attacks without excess overhead. This paper describes POMDP formulation including the use of an absorbing final state and attack penalty scaling factor to abstract defender-defined priorities into the model. An autonomous agent leverages the POMDP to select the optimal defense based on assessed cyber-attack phase. We offer an example formulation wherein attack suppression of greater than 99% and system availability of greater than 94% were maintained even as probability of detection of attack phase dropped to 74%.
Pages/Duration:10 pages
URI:http://hdl.handle.net/10125/71461
ISBN:978-0-9981331-4-0
DOI:10.24251/HICSS.2021.840
Rights:Attribution-NonCommercial-NoDerivatives 4.0 International
https://creativecommons.org/licenses/by-nc-nd/4.0/
Appears in Collections: Cybersecurity and Software Assurance


Please email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.

This item is licensed under a Creative Commons License Creative Commons