Metrics Towards Measuring Cyber Agility

by Jose David Mireles, et al.

In cyberspace, evolutionary strategies are commonly used by both attackers and defenders. For example, an attacker's strategy often changes over the course of time, as new vulnerabilities are discovered and/or mitigated. Similarly, a defender's strategy changes over time. These changes may or may not be in direct response to a change in the opponent's strategy. In any case, it is important to have a set of quantitative metrics to characterize and understand the effectiveness of attackers' and defenders' evolutionary strategies, which reflect their cyber agility. Despite its clear importance, few systematic metrics have been developed to quantify the cyber agility of attackers and defenders. In this paper, we propose the first metric framework for measuring cyber agility in terms of the effectiveness of the dynamic evolution of cyber attacks and defenses. The proposed framework is generic and can be applied to transform any relevant, quantitative, and/or conventional static security metrics (e.g., false positives and false negatives) into dynamic metrics that capture the dynamics of system behaviors. To validate the usefulness of the proposed framework, we conduct case studies on measuring the evolution of cyber attacks and defenses using two real-world datasets. We discuss the limitations of the current work and identify future research directions.


Cyber Deception against Zero-day Attacks: A Game Theoretic Approach

Reconnaissance activities precedent other attack steps in the cyber kill...

Poisoning Attacks and Defenses on Artificial Intelligence: A Survey

Machine learning models have been widely adopted in several fields. Howe...

How to Measure Cyber Resilience of an Autonomous Agent: Approaches and Challenges

Several approaches have been used to assess the performance of cyberphys...

Sludge for Good: Slowing and Imposing Costs on Cyber Attackers

Choice architecture describes the design by which choices are presented ...

Real-Time Detection of Hybrid and Stealthy Cyber-Attacks in Smart Grid

For a safe and reliable operation of the smart grid, timely detection of...

Authentication of Everything in the Internet of Things: Learning and Environmental Effects

Reaping the benefits of the Internet of things (IoT) system is contingen...

Analyzing the Usefulness of the DARPA OpTC Dataset in Cyber Threat Detection Research

Maintaining security and privacy in real-world enterprise networks is be...
