The network inhibition problem
STOC '93 Proceedings of the twenty-fifth annual ACM symposium on Theory of computing
Competitive Markov decision processes
Competitive Markov decision processes
Introduction to Linear Optimization
Introduction to Linear Optimization
Scalable, graph-based network vulnerability analysis
Proceedings of the 9th ACM conference on Computer and communications security
Automated Generation and Analysis of Attack Graphs
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Using Model Checking to Analyze Network Vulnerabilities
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
NetKuang: a multi-host configuration vulnerability checker
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
Playing games for security: an efficient exact algorithm for solving Bayesian Stackelberg games
Proceedings of the 7th international joint conference on Autonomous agents and multiagent systems - Volume 2
Interdicting a Nuclear-Weapons Project
Operations Research
Effective approaches for partial satisfaction (over-subscription) planning
AAAI'04 Proceedings of the 19th national conference on Artifical intelligence
Temporal planning using subgoal partitioning and resolution in SGPlan
Journal of Artificial Intelligence Research
On the use of integer programming models in AI planning
IJCAI'99 Proceedings of the 16th international joint conference on Artifical intelligence - Volume 1
Strategic games on defense trees
FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
GUARDS: game theoretic security allocation on a national scale
The 10th International Conference on Autonomous Agents and Multiagent Systems - Volume 1
Dynamic Security Risk Management Using Bayesian Attack Graphs
IEEE Transactions on Dependable and Secure Computing
| Hi-index | 0.00 |
We present a Stackelberg game model of security in which the defender chooses a mitigation strategy that interdicts potential attack actions, and the attacker responds by computing an optimal attack plan that circumvents the deployed mitigations. First, we offer a general formulation for deterministic plan interdiction as a mixed-integer program, and use constraint generation to compute optimal solutions, leveraging state-of-the-art partial satisfaction planning techniques. We also present a greedy heuristic for this problem, and compare its performance with the optimal MILP-based approach. We then extend our framework to incorporate uncertainty about attacker's capabilities, costs, goals, and action execution uncertainty, and show that these extensions retain the basic structure of the deterministic plan interdiction problem. Introduction of more general models of planning uncertainty require us to model the attacker's problem as a general MDP, and demonstrate that the MDP interdiction problem can still be solved using the basic constraint generation framework.