Data Driven Game Theoretic Cyber Threat Mitigation
Description
Penetration testing is regarded as the gold-standard for understanding how well an organization can withstand sophisticated cyber-attacks. However, the recent prevalence of markets specializing in zero-day exploits on the darknet make exploits widely available to potential attackers. The cost associated with these sophisticated kits generally precludes penetration testers from simply obtaining such exploits – so an alternative approach is needed to understand what exploits an attacker will most likely purchase and how to defend against them. In this paper, we introduce a data-driven security game framework to model an attacker and provide policy recommendations to the defender. In addition to providing a formal framework and algorithms to develop strategies, we present experimental results from applying our framework, for various system configurations, on real-world exploit market data actively mined from the darknet.
Date Created
The date the item was original created (prior to any relationship with the ASU Digital Repositories.)
2016-05
Agent
- Author (aut): Robertson, John James
- Thesis director: Shakarian, Paulo
- Committee member: Doupe, Adam
- Contributor (ctb): Electrical Engineering Program
- Contributor (ctb): Computer Science and Engineering Program
- Contributor (ctb): Barrett, The Honors College