Adaptive defense against adverserial artificial intelligence at the edge of the cloud using evolutionary algorithms

Djeffal, Sofiane.

Author(s)

Djeffal, Sofiane.

Download1262990576-MIT.pdf (1.289Mb)

Other Contributors

Massachusetts Institute of Technology. Engineering and Management Program.

System Design and Management Program.

Advisor

Una-May O'Reilley and Erik Hemberg.

Terms of use

MIT theses may be protected by copyright. Please reuse MIT thesis content according to the MIT Libraries Permissions Policy, which is available through the URL provided. http://dspace.mit.edu/handle/1721.1/7582

Metadata

Show full item record

Abstract

While moving to the cloud increases flexibility for many organisations around the world, it also presents its own set of operational risks and complexities when it comes to keeping data and workflows secure. As data becomes digitized, it is becoming more fruitful for bad actors to try to engage in data theft or disrupt online services for their financial gain, corporate espionage, or general intent to disrupt a service. Computers are also becoming more powerful and sophisticated than ever, allowing them to brute force what were once considered top of the line cryptographic ciphers and algorithms in no time. The cost of protecting an infrastructure is increasing both financially and in terms of human resources needed to support a system's security. Companies are relying on the cloud to provide that protection, and one of the ways the cloud provides it is through Edge nodes that sit in front of their infrastruture. Edge nodes are the first line of defense against threats to a web application. This thesis explores a new heuristic for approaching threat generation and detection in a network. It aims to demonstrate that with a proper grammar definition along with a strategy, and a reward system, a genetic algorithm can perform better than the existing rulebased system used to generate and defend against a wide breadth of attacks. This proposes solution focuses on three types of attacks: Data Exfiltration, Server Hijack, and Denial of Service. The goal is to demonstrate that computationally searching for vulnerabilities does not scale well with a rule based system while a genetic algorithm can handle an increase of breadth in attacks with more elegance and better results.

Description

Thesis: S.M. in Engineering and Management, Massachusetts Institute of Technology, System Design and Management Program, May, 2020

Cataloged from the official version of thesis.

Includes bibliographical references (pages 89-91).

Date issued

2020

URI

https://hdl.handle.net/1721.1/132812

Department

Massachusetts Institute of Technology. Engineering and Management Program

Publisher

Massachusetts Institute of Technology

Keywords

Engineering and Management Program., System Design and Management Program.

Collections

Graduate Theses