|
Abstract:
|
The age of cyber warfare necessitates effective defensive plans for operational integrity of networked security assets. Under a cyber attack, a decision maker needs to select the most effective defensive action (policy) from a set of feasible policies brought forth by domain experts and/or automated policy generators. However, selecting an optimal policy is non-trivial in practice because of complex dependencies among constituent components of a critical operational system; temporally dynamic mission goals; and uncertain knowledge about the states of some components. To address these issues, a Bayesian network based probabilistic framework was developed to assess the impact of a policy on mission success. At the core is a probabilistic graphical mission model built on top of the assets terrain based on domain knowledge. The framework quantifies the probability of mission success under a policy as a score, and intuitively explains the propagation of policy effects leading to the mission outcome, thus facilitating optimal policy selection. For a mission composed of temporally ordered sub-tasks, the Bayesian network is dynamically pruned based on currently completed steps.
|
