
Cybersecurity Dynamics: A Foundation for the Science of Cybersecurity

  • Chapter

Part of the book series: Advances in Information Security ((ADIS,volume 74))

Abstract

Cybersecurity Dynamics is a new concept that aims to achieve the modeling, analysis, quantification, and management of cybersecurity from a holistic perspective, rather than from a building-blocks perspective. It is centered on modeling and analyzing the attack-defense interactions in cyberspace, which cause a “natural” phenomenon—the evolution of the global cybersecurity state. In this chapter, we systematically introduce and review the Cybersecurity Dynamics foundation for the Science of Cybersecurity. We review the core concepts, technical approaches, research axes, and results that have been obtained in this endeavor. We outline a research roadmap towards the ultimate research goal, and identify technical barriers that pose challenges to reaching the goal.

Acknowledgements

This work was supported in part by ARO Grant # W911NF-17-1-0566 and ARL Grant # W911NF-17-2-0127. The author would like to thank his mentors for their encouragement, and his collaborators (including his former and current students) for deepening his understanding of the problem and potential solutions. The author would also like to thank Lisa Ho and John Charlton for proofreading the present chapter.

Author information

Corresponding author

Correspondence to Shouhuai Xu.

Copyright information

© 2019 This is a U.S. government work and not under copyright protection in the U.S.; foreign copyright protection may apply

About this chapter

Cite this chapter

Xu, S. (2019). Cybersecurity Dynamics: A Foundation for the Science of Cybersecurity. In: Wang, C., Lu, Z. (eds) Proactive and Dynamic Network Defense. Advances in Information Security, vol 74. Springer, Cham. https://doi.org/10.1007/978-3-030-10597-6_1

  • DOI: https://doi.org/10.1007/978-3-030-10597-6_1

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-10596-9

  • Online ISBN: 978-3-030-10597-6

  • eBook Packages: Computer Science (R0)
