Data-Driven Model Generation for Deception Defence of Cyber-Physical Environments
Abstract:
Cyber deception is a burgeoning defence technique that provides increased detection and slowed attack impact. Deception could be a valuable solution for defending the slow-to-patch and minimally cryptographic industrial Cyber-Physical Systems. However, it is necessary for cyber- physical decoys to appear connected to the physical process of the defended system to be convincing. In this paper, the authors present a machine-learning approach to learn good-enough models of the defended system to drive realistic decoy response. The results of studying this approach with simulated and real building systems are discussed.
AUTHORS
Pacific Northwest National Laboratory
Richland, Washington, United States
Kathleen Nowak is a mathematician at PNNL. Working at PNNL, she has applied techniques from graph theory, combinatorics, optimization, game theory, linear algebra, signal processing, and topological data analysis to projects in machine learning, cyber security, nuclear nonproliferation, and quantum computing. Her current work focuses on machine learning in the national security space. Ms. Nowak holds a PhD in pure mathematics from Iowa State University where she specialized in algebraic combinatorics.
Pacific Northwest National Laboratory
Richland, Washington, United States
Juan M. Brandi graduated from The University of Texas Pan-American with a Bachelor of Science in Mathematics. Later, he graduated with a master’s in applied mathematics from the Iowa State University with a focus in HPC and distributed computing. Currently, he works in Pacific Northwest National Laboratory focusing in the application and development of A.I. and Machine Learning algorithms.”
Pacific Northwest National Laboratory
Richland, Washington, United States
William (Bill) J. Hofer, a Cyber Security Engineer, has been at PNNL since July 2016. During his time at the lab, he has worked on engineering tasks related to deception for Cyber-Physical Systems, automated deployment of cluster-based enterprise environments, and has been an administrator of the CyberNET testbed. Bill’s research interests include cloud engineering, scientific experimentation on cyber-related issues, testbed experimental design, cyber-physical system security, and computer and network security. Bill studied at Dakota State University in South Dakota and received a B.S. in Computer and Network Security with a specialization in cyber operations and an M.S. in Information Assurance.
Pacific Northwest National Laboratory
Richland, Washington, United States
Thomas Edgar is a Senior Cyber Security Research Scientist at the Pacific Northwest National Laboratory. Throughout his career, Edgar has worked in the fields of secure communications protocols, cryptographic trust management, insider threat, security standards, and scientific approach to security and is the Co-PI for the powerNET and cyberNET testbeds. Thomas' research interests include the scientific underpinnings of cyber security and applying scientific based cyber security solutions to enterprise and critical infrastructure environments. His expertise lies in scientific process, critical infrastructure security, cyber forensics, network security, and testbed and experiment construction. Thomas' educational background consists of a B.S. and M.S. in Computer Science from the University of Tulsa with a specialization in Information Assurance.
Pacific Northwest National Laboratory
Richland, Washington, United States
Draguna Vrabie is Chief Data Scientist and Team Lead with the Data Sciences and Machine Intelligence Group at PNNL. Her work at the intersection of control system theory and machine learning is aimed at design of adaptive decision and control systems. Her current focus is on methodologies and algorithms for design and operation of high-performance cyber-physical systems. Prior to joining PNNL in 2015, she was a senior scientist at United Technologies Research Center, East Hartford, Connecticut. Draguna holds a Ph.D. in Electrical Engineering from the University of Texas at Arlington, and an M.E. and B.E. in Automatic Control and Computer Engineering from Gheorghe Asachi Technical University, Iaşi, Romania. She co-authored two books on optimal control, reinforcement learning, and differential games; has published over 50 peer-reviewed journal articles and conference papers; and holds 3 patents. She is a member of the IEEE.
Published In
Journal of Information Warfare
The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.
Quick Links
Archive
