Coevolving Attackers & Defenders for Approximating
Game Theoretic Optimization of Cyber-Physical System Security


INVESTIGATORS
Daniel Tauritz, Associate Professor of Computer Science; Bruce McMillin, Professor of Computer Science


FUNDING SOURCE
ISC & Los Alamos National Laboratory (LANL)


PROJECT DESCRIPTION
Our society is increasingly threatened by cyber-attacks from adversaries ranging from organized crime to terrorists to adversarial foreign nation states. Cyber security is thus quickly becoming of paramount significance for the well-being and functioning of our society, from protecting critical infrastructure to private sector enterprises, leading to a series of presidential executive orders creating policy frameworks for cyber security. However, for these to be effective, great strides are needed in the defensive tools and technologies available to cyber security practitioners, as the asymmetric nature of cyber warfare puts our defending practitioners at a distinct disadvantage; i.e., cyber attackers get to decide when and where to attack, without the need for a physical presence providing advance notice to the cyber defenders, who must scramble to quickly determine that an attack is occurring, select an appropriate defense, and execute it. The capability to determine worst-case attacks in advance and identify suitable defenses against them would greatly aid cyber defenders. Game theory allows for mathematical analysis of adversarial models. However, its scalability limitations restrict its use to simple, abstract models. Computational game theory is focused on scaling classical game theory to large, complex systems to model more real-world environments; one promising approach is competitive coevolution, where each player's fitness is dependent on its adversaries. The adversarial cyber model is a perfect fit for a multi-population coevolutionary algorithm. However, the search space involved in cyber-physical system security is extremely large and the computational time needed to emulate the systems with sufficient fidelity is very large as well, thus making the optimization task extraordinarily difficult.
Formal security models have the potential to enable the design of cyber-physical systems which are provably secure with respect to certain system properties (e.g., information leakage), which we hypothesize can be used to significantly prune the search space and so make the computational game theoretic optimization feasible.


PUBLICATIONS

  1. “Coevolutionary Agent-based Network Defense Lightweight Event System (CANDLES),” George Rush, Daniel R. Tauritz, and Alexander D. Kent. In Proceedings of SecDef 2015 – the Workshop on Genetic and Evolutionary Computation in Defense, Security and Risk Management, at the Genetic and Evolutionary Computation Conference (GECCO 2015), pages 859-866, Madrid, Spain, July 11-15, 2015.
  2. “DCAFE: A Distributed Cyber Security Automation Framework for Experiments,” George Rush, Daniel R. Tauritz, and Alexander D. Kent. In Proceedings of the 38th IEEE Annual Computers, Software and Applications Conference Workshops (COMPSACW '14), pages 134-139, Västerås, Sweden, July 21-25, 2014.
  3. “Modeling and reasoning about the security of drive-by-wire automobile systems,” Gerry Howser and Bruce McMillin. International Journal of Critical Infrastructure Protection, Volume 5, Issues 3–4, December 2012, Elsevier 2012, pp. 127-134, 10.1016/j.ijcip.2012.09.001.
  4. “Increasing Infrastructure Resilience through Competitive Coevolution,” Travis C. Service and Daniel R. Tauritz. New Mathematics and Natural Computation, 5(2):441-457, July 2009.