A Proactive Defense Strategy to Enhance Situational Awareness in Computer Network Security

A Proactive Defense Strategy to Enhance Situational Awareness in Computer Network Security

Yi Luo (The University of Arizona, USA) and Ferenc Szidarovszky (The University of Arizona, USA)
DOI: 10.4018/978-1-4666-0104-8.ch004
OnDemand PDF Download:


With the development of situational awareness in intrusion defense, a proactive response is a realistic and effective approach against the attackers. It is assumed that each player can update knowledge of the opponent and assess possible future scenarios of the dynamic game based on their previous interactions. Therefore, finding the best current move of the defender is modeled as a discrete-time stochastic control problem. An on-line, convergent, scenario based proactive defense (SPD) algorithm considering adaptive learning is developed based on differential dynamic programming (DDP) to solve the associated optimal control problem. Numerical experiment shows that the new algorithm can help the defender in finding the best dynamic strategies quickly and efficiently. Moreover, the SPD algorithm can provide optimal defensive efforts against possible future attacks within an appropriate time window, so the success of the attack in the possible future interactions can be assessed, improving situational awareness in computer network security.
Chapter Preview


In this chapter, the interactions between an attacker and the defender of a computer network are modeled as a system of two-person non-zero-sum non-cooperative dynamic evolutionary games with incomplete information. In the dynamic evolutionary games, the type of the players, their strategy sets, the prediction of future interactions, etc. are uncertain. The payoffs of the players are therefore random at each interaction of the game. The classical equilibrium approach has its limitations to find the solutions under this situation, so risk analysis is used often to complement the equilibrium approach to capture the uncertainty of the random elements in the players’ payoff functions (Hausken, 2002; Banks and Anderson, 2006; Bier and Azaiez, 2008).

Complete Chapter List

Search this Book: