Multi-Objective Security Hardening Optimisation for Dynamic Networks

Simon Yusuf Enoch, Jin Hong, Mengmeng Ge, Khaled M.D. Khan, Dong Seong Kim

Research output: Chapter in Book/Conference paperConference paper

Abstract

Hardening the dynamic networks is a very challenging task due to their complexity and dynamicity. Moreover, there may be multi-objectives to satisfy, while containing the solutions within the constraints (e.g., fixed budget, availability of countermeasures, performance degradation, non-patchable vulnerabilities, etc). In this paper, we propose a systematic approach to optimise the selection of the security hardening options for the dynamic networks given multiple constraints and objectives. To do so, we evaluate potential attack scenarios for a given time period, and then use a multi-objective optimisation based on Non-dominated Sorting Genetic Algorithm to find the optimal set of security hardening options. We measure the effectiveness of the options using various security metrics, which is demonstrated through experimental analysis. The results show that our approach can be applied to select the optimal set of security hardening options to be deployed for the dynamic networks given multiple objectives and constraints.
Original languageEnglish
Title of host publication ICC 2019 - 2019 IEEE International Conference on Communications (ICC)
Place of PublicationChina
PublisherIEEE, Institute of Electrical and Electronics Engineers
ISBN (Electronic)978-1-5386-8088-9
DOIs
Publication statusPublished - 2019
Event2019 IEEE International Conference on Communications - Shanghai, China
Duration: 20 May 201924 May 2019

Conference

Conference2019 IEEE International Conference on Communications
Abbreviated titleICC 2019
CountryChina
CityShanghai
Period20/05/1924/05/19

Fingerprint

Hardening
Multiobjective optimization
Sorting
Genetic algorithms
Availability
Degradation

Cite this

Enoch, S. Y., Hong, J., Ge, M., Khan, K. M. D., & Kim, D. S. (2019). Multi-Objective Security Hardening Optimisation for Dynamic Networks. In ICC 2019 - 2019 IEEE International Conference on Communications (ICC) China: IEEE, Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/ICC.2019.8761984
Enoch, Simon Yusuf ; Hong, Jin ; Ge, Mengmeng ; Khan, Khaled M.D. ; Kim, Dong Seong. / Multi-Objective Security Hardening Optimisation for Dynamic Networks. ICC 2019 - 2019 IEEE International Conference on Communications (ICC). China : IEEE, Institute of Electrical and Electronics Engineers, 2019.
@inproceedings{81175a3fbfae4924b2e0a982f4a44fb5,
title = "Multi-Objective Security Hardening Optimisation for Dynamic Networks",
abstract = "Hardening the dynamic networks is a very challenging task due to their complexity and dynamicity. Moreover, there may be multi-objectives to satisfy, while containing the solutions within the constraints (e.g., fixed budget, availability of countermeasures, performance degradation, non-patchable vulnerabilities, etc). In this paper, we propose a systematic approach to optimise the selection of the security hardening options for the dynamic networks given multiple constraints and objectives. To do so, we evaluate potential attack scenarios for a given time period, and then use a multi-objective optimisation based on Non-dominated Sorting Genetic Algorithm to find the optimal set of security hardening options. We measure the effectiveness of the options using various security metrics, which is demonstrated through experimental analysis. The results show that our approach can be applied to select the optimal set of security hardening options to be deployed for the dynamic networks given multiple objectives and constraints.",
author = "Enoch, {Simon Yusuf} and Jin Hong and Mengmeng Ge and Khan, {Khaled M.D.} and Kim, {Dong Seong}",
year = "2019",
doi = "10.1109/ICC.2019.8761984",
language = "English",
booktitle = "ICC 2019 - 2019 IEEE International Conference on Communications (ICC)",
publisher = "IEEE, Institute of Electrical and Electronics Engineers",
address = "United States",

}

Enoch, SY, Hong, J, Ge, M, Khan, KMD & Kim, DS 2019, Multi-Objective Security Hardening Optimisation for Dynamic Networks. in ICC 2019 - 2019 IEEE International Conference on Communications (ICC). IEEE, Institute of Electrical and Electronics Engineers, China, 2019 IEEE International Conference on Communications , Shanghai, China, 20/05/19. https://doi.org/10.1109/ICC.2019.8761984

Multi-Objective Security Hardening Optimisation for Dynamic Networks. / Enoch, Simon Yusuf; Hong, Jin; Ge, Mengmeng; Khan, Khaled M.D.; Kim, Dong Seong.

ICC 2019 - 2019 IEEE International Conference on Communications (ICC). China : IEEE, Institute of Electrical and Electronics Engineers, 2019.

Research output: Chapter in Book/Conference paperConference paper

TY - GEN

T1 - Multi-Objective Security Hardening Optimisation for Dynamic Networks

AU - Enoch, Simon Yusuf

AU - Hong, Jin

AU - Ge, Mengmeng

AU - Khan, Khaled M.D.

AU - Kim, Dong Seong

PY - 2019

Y1 - 2019

N2 - Hardening the dynamic networks is a very challenging task due to their complexity and dynamicity. Moreover, there may be multi-objectives to satisfy, while containing the solutions within the constraints (e.g., fixed budget, availability of countermeasures, performance degradation, non-patchable vulnerabilities, etc). In this paper, we propose a systematic approach to optimise the selection of the security hardening options for the dynamic networks given multiple constraints and objectives. To do so, we evaluate potential attack scenarios for a given time period, and then use a multi-objective optimisation based on Non-dominated Sorting Genetic Algorithm to find the optimal set of security hardening options. We measure the effectiveness of the options using various security metrics, which is demonstrated through experimental analysis. The results show that our approach can be applied to select the optimal set of security hardening options to be deployed for the dynamic networks given multiple objectives and constraints.

AB - Hardening the dynamic networks is a very challenging task due to their complexity and dynamicity. Moreover, there may be multi-objectives to satisfy, while containing the solutions within the constraints (e.g., fixed budget, availability of countermeasures, performance degradation, non-patchable vulnerabilities, etc). In this paper, we propose a systematic approach to optimise the selection of the security hardening options for the dynamic networks given multiple constraints and objectives. To do so, we evaluate potential attack scenarios for a given time period, and then use a multi-objective optimisation based on Non-dominated Sorting Genetic Algorithm to find the optimal set of security hardening options. We measure the effectiveness of the options using various security metrics, which is demonstrated through experimental analysis. The results show that our approach can be applied to select the optimal set of security hardening options to be deployed for the dynamic networks given multiple objectives and constraints.

U2 - 10.1109/ICC.2019.8761984

DO - 10.1109/ICC.2019.8761984

M3 - Conference paper

BT - ICC 2019 - 2019 IEEE International Conference on Communications (ICC)

PB - IEEE, Institute of Electrical and Electronics Engineers

CY - China

ER -

Enoch SY, Hong J, Ge M, Khan KMD, Kim DS. Multi-Objective Security Hardening Optimisation for Dynamic Networks. In ICC 2019 - 2019 IEEE International Conference on Communications (ICC). China: IEEE, Institute of Electrical and Electronics Engineers. 2019 https://doi.org/10.1109/ICC.2019.8761984