DeepAI AI Chat
Log In Sign Up

Metrics Towards Measuring Cyber Agility

by   Jose David Mireles, et al.
The University of Texas at San Antonio

In cyberspace, evolutionary strategies are commonly used by both attackers and defenders. For example, an attacker's strategy often changes over the course of time, as new vulnerabilities are discovered and/or mitigated. Similarly, a defender's strategy changes over time. These changes may or may not be in direct response to a change in the opponent's strategy. In any case, it is important to have a set of quantitative metrics to characterize and understand the effectiveness of attackers' and defenders' evolutionary strategies, which reflect their cyber agility. Despite its clear importance, few systematic metrics have been developed to quantify the cyber agility of attackers and defenders. In this paper, we propose the first metric framework for measuring cyber agility in terms of the effectiveness of the dynamic evolution of cyber attacks and defenses. The proposed framework is generic and applicable to transform any relevant, quantitative, and/or conventional static security metrics (e.g., false positives and false negatives) into dynamic metrics to capture dynamics of system behaviors. In order to validate the usefulness of the proposed framework, we conduct case studies on measuring the evolution of cyber attacks and defenses using two real-world datasets. We discuss the limitations of the current work and identify future research directions.


Poisoning Attacks and Defenses on Artificial Intelligence: A Survey

Machine learning models have been widely adopted in several fields. Howe...

How to Measure Cyber Resilience of an Autonomous Agent: Approaches and Challenges

Several approaches have been used to assess the performance of cyberphys...

Sludge for Good: Slowing and Imposing Costs on Cyber Attackers

Choice architecture describes the design by which choices are presented ...

A Differentially Private Game Theoretic Approach for Deceiving Cyber Adversaries

Cyber deception is one of the key approaches used to mislead attackers b...

Real-Time Detection of Hybrid and Stealthy Cyber-Attacks in Smart Grid

For a safe and reliable operation of the smart grid, timely detection of...

Authentication of Everything in the Internet of Things: Learning and Environmental Effects

Reaping the benefits of the Internet of things (IoT) system is contingen...

Virtual Control Group: Measuring Hidden Performance Metrics

Performance metrics measuring in Financial Integrity systems are crucial...