"Machine Learning Algorithm May Be the Key to Timely, Inexpensive Cyber-Defense"

Zero-day attacks on vulnerable computer networks and cyber-infrastructure can significantly overwhelm traditional defenses, leading to billions of dollars in damage and weeks of manual work to recover systems after they have been infiltrated. A team of researchers led by the Pennsylvania State University has now developed a machine learning approach, based on a technique called reinforcement learning, that organizations can adopt to defend against attacks on their systems.

The team's approach is an adaptive, machine learning-driven method that addresses the current limitations of the Moving Target Defense (MTD) technique, in which changes across multiple system dimensions are controlled to increase uncertainty and complexity for attackers. This technique reduces attackers' window of opportunity and increases the costs of their attack efforts. However, MTD techniques face two limitations: manual selection of configurations is time-consuming, and manually selected configurations may not be the most cost-effective technique. According to the researchers, the typical amount of time it takes to respond to an attack is at most 15 days, which requires significant funds and resources.

The team tested their reinforcement learning algorithm in a network consisting of 10 machines. The setup included web and mail servers, along with a gateway server, SQL server, DNS server, and an admin server. The researchers also added specific vulnerabilities to produce multiple attack scenarios. This article continues to discuss the costs of zero-day attacks on organizations and the machine learning approach developed by a Penn State-led team of researchers to help organizations defend against such attacks in a powerful and cost-effective way.

The Pennsylvania State University reports "Machine Learning Algorithm May Be the Key to Timely, Inexpensive Cyber-Defense"

 

 

 

Submitted by Anonymous on