Attack Path Selection Optimization with Adaptive Genetic Algorithms

Abstract

Enterprise network security solution optimization is a complex and challenging problem given the large number of components that are involved. This paper describes our project that has the ultimate goal of providing optimized solutions for enterprise network security. We describe our approach for implementing an optimized security assessment using Genetic Algorithm (GA). Because of the dynamic nature of an enterprise network, all security analysis tools devised for the network need to function in dynamic mode as well. We have incorporated a fuzzy logic controller (FLC) to fine tune the optimization algorithm in run time. The FLC takes into consideration both the exploration and exploitation aspect of the GA. It calculates the appropriate adjustments for the control parameters such as selection and crossover rate. Possible attack paths are then identified and evaluated based on an attack graph representing the network under study. Attack paths that satisfy certain optimization criteria are then selected and presented as possible components of the security solution. We have also carried out a comparative study on the performance of the adaptive GA used in this problem against the conventional GA. The results shows that attack graphs analyzed with the adaptive GA yields significantly better solutions. © 2016 American Scientific Publishers. All rights reserved.