SPAR : an autonomous SDN intrusion response framework using combinatorial optimization over a probabilistic attack graph
Author(s)Chia, Rayden Yongxiang.
Autonomous SDN intrusion response framework using combinatorial optimization over a probabilistic attack graph
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science.
MetadataShow full item record
In a typical network, there is a multitude of critical assets that may be compromised by a malicious attacker through successive attacks. In this paper, we present SPAR ("Secure-Perceive-Adapt-Respond"), a framework which leverages Attack Graphs (AGs) and the manageability and malleability of Software-Defined Networking (SDN) to effectively reason about the security posture of the network. In the event of an intrusion, countermeasures are then selected using a combinatorial optimization model and effected to evolve the network to a more secure state, which could be effected automatically or raised as a suggestion to a human decision-maker in a semi-autonomous mode.
Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, May, 2020Cataloged from the official PDF of thesis.Includes bibliographical references (pages 103-106).
DepartmentMassachusetts Institute of Technology. Department of Electrical Engineering and Computer Science
Massachusetts Institute of Technology
Electrical Engineering and Computer Science.