Data-Driven Cyber Vulnerability Maintenance of Network Vulnerabilities with Markov Decision Processes


2017, Master of Science, Ohio State University, Industrial and Systems Engineering.
Cyber vulnerabilities can be exploited by cyber-attackers to obtain valuable information or to alter or destroy a cyber-target. Finding a way to generate appropriate cyber vulnerability maintenance policies (combinations of maintenance actions) is crucial for cyber security administrators. The purpose of this thesis is to apply a data-driven Markov decision process (MDP) model to generate cyber vulnerability policies that minimize administrative costs, including maintenance action cost and incident risk cost, in the long term. Optimal policies aim, if not to eliminate the incident risk, then at least to reduce it to an acceptable level. Using real-world data from Nessus scan reports and incident reports from OSU, a host-based dataset is built to analyze the characteristics of hosts and develop host-based policies. After solving the MDP model, the optimal policies and related costs are presented in comparison with the existing policy. The results show that, for hosts in management groups, the incident risk and action costs are significantly lower than for hosts with administrative privilege, and more advanced actions can be taken to protect the hosts from cyber-attacks as a result of the discounted action costs. The consequences of a successful intrusion into a critical server are more serious than for a normal host; therefore, more powerful actions are required for critical servers. For the remaining hosts, applying only auto patching is recommended for most situations, especially for non-general-purpose hosts such as printers and routers.
Theodore Allen (Advisor)
Cathy Xia (Committee Member)
54 p.

Recommended Citations


  • Jiang, T. (2017). Data-Driven Cyber Vulnerability Maintenance of Network Vulnerabilities with Markov Decision Processes [Master's thesis, Ohio State University]. OhioLINK Electronic Theses and Dissertations Center. http://rave.ohiolink.edu/etdc/view?acc_num=osu1494203777781845

    APA Style (7th edition)

  • Jiang, Tianyu. Data-Driven Cyber Vulnerability Maintenance of Network Vulnerabilities with Markov Decision Processes. 2017. Ohio State University, Master's thesis. OhioLINK Electronic Theses and Dissertations Center, http://rave.ohiolink.edu/etdc/view?acc_num=osu1494203777781845.

    MLA Style (8th edition)

  • Jiang, Tianyu. "Data-Driven Cyber Vulnerability Maintenance of Network Vulnerabilities with Markov Decision Processes." Master's thesis, Ohio State University, 2017. http://rave.ohiolink.edu/etdc/view?acc_num=osu1494203777781845

    Chicago Manual of Style (17th edition)