
Impulsive Artificial Defense Against Advanced Persistent Threat

Journal

Publisher

IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
DOI: 10.1109/TIFS.2023.3284564

Keywords

Advanced persistent threat; impulsive artificial APT defense; IAD problem; state evolutionary model; optimal impulsive control model; optimality system; iterative algorithm; convergence; effectiveness


Advanced persistent threat (APT) is a severe threat to modern organizations, and artificial APT defense is recognized as essential. There are two forms of artificial APT defense: continuous artificial defense (CAD) and impulsive artificial defense (IAD), where IAD is superior in terms of overall service cost. This paper addresses the development of a cost-effective IAD policy and presents an iterative algorithm for solving the optimal impulsive control model.

Advanced persistent threat (APT), as a new type of cyber espionage, poses a severe threat to modern organizations. Artificial APT defense, in which an organization engages experienced cybersecurity experts to artificially check if there exist rootkits implanted by APT actors within the organizational internet and, if so, artificially remove the discovered rootkits, is recognized as an indispensable part of APT defense. There are two different forms of artificial APT defense: continuous artificial defense (CAD), where the defense work is conducted at all time points, and impulsive artificial defense (IAD), where the defense work is conducted at a scheduled sequence of time points. IAD is superior to CAD in terms of the overall service cost. In the context of IAD, we refer to each sequence of service costs as an IAD policy. This paper addresses the problem of developing a cost-effective IAD policy (the IAD problem). First, by introducing an impulsive state evolutionary model for the organizational intranet, the IAD problem is reduced to an optimal impulsive control model (the IAD model). Second, by deriving the optimality system for the IAD model, an iterative algorithm for solving the IAD model (the IAD algorithm) is presented. Next, the convergence and effectiveness of the IAD algorithm are validated through numerical experiments. Finally, the effect of some factors is inspected. To our knowledge, this is the first time IAD is inspected from the perspective of optimal impulsive control theory.
