Data-Driven Model Generation for Deception Defence of Cyber-Physical Environments

Abstract:

Cyber deception is a burgeoning defence technique that provides increased detection and slowed attack impact. Deception could be a valuable solution for defending the slow-to-patch and minimally cryptographic industrial Cyber-Physical Systems. However, it is necessary for cyber- physical decoys to appear connected to the physical process of the defended system to be convincing. In this paper, the authors present a machine-learning approach to learn good-enough models of the defended system to drive realistic decoy response. The results of studying this approach with simulated and real building systems are discussed.


AUTHORS

Photo of Kathleen Nowak

Pacific Northwest National Laboratory
Richland, Washington, United States

Kathleen Nowak is a mathematician at PNNL. Working at PNNL, she has applied techniques from graph theory, combinatorics, optimization, game theory, linear algebra, signal processing, and topological data analysis to projects in machine learning, cyber security, nuclear nonproliferation, and  quantum computing. Her current work focuses on machine learning in the national security space. Ms. Nowak holds a PhD in pure mathematics from Iowa State University where she specialized in algebraic combinatorics.

Photo of Juan M. Brandi

Pacific Northwest National Laboratory
Richland, Washington, United States

Juan M. Brandi graduated from The University of Texas Pan-American with a Bachelor of Science in Mathematics. Later, he graduated with a master’s in applied mathematics from the Iowa State University with a focus in HPC and distributed computing. Currently, he works in Pacific Northwest National Laboratory focusing in the application and development of A.I. and Machine Learning algorithms.”

Photo of William (Bill) J. Hofer

Pacific Northwest National Laboratory
Richland, Washington, United States

William (Bill) J. Hofer, a Cyber Security Engineer, has been at PNNL since July 2016. During his time at the lab, he has worked on engineering tasks related to deception for Cyber-Physical Systems, automated deployment of cluster-based enterprise environments, and has been an administrator of the CyberNET testbed. Bill’s research interests include cloud engineering, scientific experimentation on cyber-related issues, testbed experimental design, cyber-physical system security, and computer and network security. Bill studied at Dakota State University in South Dakota and received a B.S. in Computer and Network Security with a specialization in cyber operations and an M.S. in Information Assurance.

Photo of Thomas Edgar

Pacific Northwest National Laboratory
Richland, Washington, United States

Thomas Edgar  is a Senior Cyber Security Research Scientist at the Pacific Northwest National Laboratory. Throughout his career, Edgar has worked in the fields of secure communications protocols, cryptographic trust management, insider threat, security standards, and scientific approach to security and is the Co-PI for the powerNET and cyberNET testbeds.  Thomas' research interests include the scientific underpinnings of cyber security and applying scientific based cyber security solutions to enterprise and critical infrastructure environments. His expertise lies in scientific process, critical infrastructure security, cyber forensics, network security, and testbed and experiment construction. Thomas' educational background consists of a B.S. and M.S. in Computer Science from the University of Tulsa with a specialization in Information Assurance.

 

Photo of Draguna Vrabie

Pacific Northwest National Laboratory
Richland, Washington, United States

Draguna Vrabie is Chief Data Scientist and Team Lead with the Data Sciences and Machine Intelligence Group at PNNL. Her work at the intersection of control system theory and machine learning is aimed at design of adaptive decision and control systems. Her current focus is on methodologies and algorithms for design and operation of high-performance cyber-physical systems. Prior to joining PNNL in 2015, she was a senior scientist at United Technologies Research Center, East Hartford, Connecticut. Draguna holds a Ph.D. in Electrical Engineering from the University of Texas at Arlington, and an M.E. and B.E. in Automatic Control and Computer Engineering from Gheorghe Asachi Technical University, Iaşi, Romania. She co-authored two books on optimal control, reinforcement learning, and differential games; has published over 50 peer-reviewed journal articles and conference papers; and holds 3 patents. She is a member of the IEEE.

 

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Quick Links

View the latest issue of JIW.

Latest Edition

Purchase a subscription to JIW.

Subscribe

Keywords

C

C2
C2S
CDX
CIA
CIP
CPS

D

DNS
DoD
DoS

I

IA
ICS

S

SOA

X

XRY

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

  • Journal of Information Warfare
    21 North Broad Street
    Suite 2-H
    Luray, VA 
    22835 
  • 757.581.9550
  • JIW@ArmisteadTec.com