CSIS Seminar

Attack-Resilient Systems and Networks

Abstract

In recent years, we have seen a number of successful cyber-attacks against high-profile targets, which have demonstrated that resourceful and determined attackers can penetrate even highly secure and isolated systems. In light of these attacks, it becomes apparent that defenders cannot focus solely on preventing attackers from penetrating their systems. Instead, it behooves defenders to reduce the impact of successful cyber-attacks by designing and operating their systems in attack-resilient ways. In this talk, I present my research on attack-resilient systems and networks, focusing on problems that pertain to cyber-physical systems (CPS): deployment and configuration of intrusion detection systems, scheduling of attack mitigation, and risk transfer.

A particularly severe threat to CPS is posed by stealthy attacks, which aim to keep security compromises hidden in order to attain higher impact over a longer period of time. To detect stealthy attacks, defenders may deploy intrusion detection systems (IDS), which monitor computer systems and networks for suspicious activity. However, the deployment and configuration of IDS in heterogeneous distributed systems, such as spatially-distributed CPS, pose challenging problems. I will discuss how to solve two key problems: deploying computationally-demanding IDS on resource-bounded devices and configuring IDS to minimize the number of false alarms.

Despite these efforts, sophisticated attacks, such as advanced persistent threats, may remain covert for extended periods of time. Consequently, defenders can further increase resilience by occasionally resetting potentially compromised resources to known secure states, for example, by changing passwords or cryptographic private keys. However, since compromises are covert, defenders have to mitigate potential attacks under a regime of incomplete information, which complicates the timing of resets. To address this problem, I present optimal strategies for timing resets in the presence of strategic attackers.

Finally, to transfer the residual cyber-risk that might remain after applying technical countermeasures, defenders may purchase cyber-insurance policies. Despite its benefits, the cyber-insurance market has been slow to develop due to certain complicating factors, such as the existence of non-diversifiable risks. To explain these factors, I show how interdependence and software monocultures lead to non-diversifiable cyber-risks, and I propose an approach for alleviating these risks.

Speaker Bio

Dr. Aron Laszka is a postdoctoral scholar at the University of California, Berkeley, working on secure and resilient cyber-physical systems. Previously, he was a postdoctoral research scholar at the Institute for Software Integrated Systems at Vanderbilt University from 2014 to 2015, and a visiting research scholar at Pennsylvania State University in 2013. He graduated summa cum laude with a Ph.D. in Computer Science from the Budapest University of Technology and Economics in 2014. His research interests broadly revolve around cyber-security, cyber-physical systems, economics of security, resilient design, and game theory for security.