Adversarial and Uncertain Reasoning for Adaptive Cyber Defense: Building the Scientific Foundation
Today’s cyberdefenses are largely static. They are governed by slow deliberative processes involving testing, security patch deployment, and human-in-the-loop monitoring. As a result, adversaries can systematically probe target networks, pre-plan their attacks, and ultimately persist for long periods inside compromised networks and hosts. A new class of technologies, called Adaptive Cyber Defense (ACD), is being developed that presents adversaries with optimally changing attack surfaces and system configurations, forcing adversaries to continually re-assess and re-plan their cyberoperations. Although these approaches (e.g., moving target defense, dynamic diversity, and bio-inspired defense) are promising, they assume stationary and stochastic, but non-adversarial, environments. This research aims to build the scientific foundations so that system resiliency and robustness in adversarial settings can be thoroughly defined, quantified, measured, and extrapolated in a rigorous and reliable manner.