Abstract
AbstractCybersecurity research often focuses primarily or exclusively on the interactions between the attacker, trying to exploit the computer system, and the defender, trying to protect it. However, including the computer users is important because the users’ requirements are the reason the computer system exists.An extension of the Petri net formalism, Petri Nets with Players, Strategies, and Costs (PNPSC) was used to model cyberattacks described in the MITRE Common Attack Pattern Enumeration and Classification database. PNPSC models include the attacker, defender, and computer user as “players” attempting to achieve competing goals. Each player can observe the current marking of a subset of the PNPSC net's places and change the stochastic firing rates of a subset of the net's transitions in order to achieve their goals. A mapping between the markings of a player's observable places and the desired firing rates of player's controllable transitions is the player's strategy.A reinforcement learning algorithm was integrated with PNPSC models of three cyberattack patterns to learn strategies for the defender in simulations both with and without a representation of the computer user. A simulation experiment showed that the defender's reward was lower and the defender's learned strategy was different when the user was represented. A second simulation experiment and statistical analysis confirmed that the differences were not due simply to randomness. With the user represented, the system defender must balance security against usability. This research provides a more complete cyberattack model and shows that user models are important in future cybersecurity simulation.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.