Paper Info
Title
A practical framework for cyber defense generation, enforcement and evaluation
Abstract
It is challenging to enforce and evaluate cyber-defenses for large networks. The current state-of-the-art approaches on defense enforcement and evaluations are manually performed by a security expert and they are executed separately without using a defined workflow. Moreover, the cyber defense generation, enforcement, and evaluation require costs, time, and effort of the security experts to effectively identify attacks and the best set of defenses to deploy. To effectively address these challenges, we propose a novel defense automation framework named CD-GEE (Cyber Defense Generation, Enforcement and Evaluation). CD-GEE can perform automated Cyber defense generation, defense enforcement and security evaluation without human intervention. CD-GEE works in the following five phases: (1) host/network data collection, (2) graphical security models construction, (3) cyber defense generation & selection, (4) defense deployment, and (5) defense evaluation and report. To show the usability and applicability of CD-GEE, we perform experiments on different networks including Amazon’s Elastic Compute Cloud. Besides, we also evaluate the performance and the effectiveness of the defenses deployed via our proposed framework and tool. We show that the CD-GEE measures the security posture of the network before and after defense deployment and evaluation. We also showed that our proposed framework performed better than without the framework in enhancing the security of networks on both the Amazon Elastic Compute Cloud and simulation network environment.
Year
DOI
Venue
2022
10.1016/j.comnet.2022.108878
Computer Networks
Keywords
DocType
Volume
Cybersecurity,Cyber attack automation,Blue team,Defense automation,Red team
Journal
208
ISSN
Citations 
PageRank 
1389-1286
0
0.34
References 
Authors
0
5
Name
Order
Citations
PageRank
Simon Enoch Yusuf1104.59
Chun Yong Moon200.34
Donghwan Lee300.34
Myung Kil Ahn400.34
Dong Seong Kim500.34