SPAR : an autonomous SDN intrusion response framework using combinatorial optimization over a probabilistic attack graph

Chia, Rayden Yongxiang.

Author(s)

Chia, Rayden Yongxiang.

Download1192543688-MIT.pdf (1.320Mb)

Alternative title

Secure-Perceive-Adapt-Respond

Autonomous SDN intrusion response framework using combinatorial optimization over a probabilistic attack graph

Other Contributors

Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science.

Advisor

Howard Shrobe.

Terms of use

MIT theses may be protected by copyright. Please reuse MIT thesis content according to the MIT Libraries Permissions Policy, which is available through the URL provided. http://dspace.mit.edu/handle/1721.1/7582

Metadata

Show full item record

Abstract

In a typical network, there is a multitude of critical assets that may be compromised by a malicious attacker through successive attacks. In this paper, we present SPAR ("Secure-Perceive-Adapt-Respond"), a framework which leverages Attack Graphs (AGs) and the manageability and malleability of Software-Defined Networking (SDN) to effectively reason about the security posture of the network. In the event of an intrusion, countermeasures are then selected using a combinatorial optimization model and effected to evolve the network to a more secure state, which could be effected automatically or raised as a suggestion to a human decision-maker in a semi-autonomous mode.

Description

Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, May, 2020

Cataloged from the official PDF of thesis.

Includes bibliographical references (pages 103-106).

Date issued

2020

URI

https://hdl.handle.net/1721.1/127390

Department

Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science

Publisher

Massachusetts Institute of Technology

Keywords

Electrical Engineering and Computer Science.

Collections

Graduate Theses