Tackling Cyberattacks through AI-based Reactive Systems: A Holistic Review and Future Vision (2312.06229v2)
Abstract: There is no denying that the use of Information Technology (IT) is undergoing exponential growth in today's world. This digital transformation has also given rise to a multitude of security challenges, notably in the realm of cybercrime. In response to these growing threats, public and private sectors have prioritized the strengthening of IT security measures. In light of the growing security concern, AI has gained prominence within the cybersecurity landscape. This paper presents a comprehensive survey of recent advancements in AI-driven threat response systems. To the best of our knowledge, the most recent survey covering the AI reaction domain was conducted in 2017. Considerable literature has been published since then and is therefore worth reviewing. In this comprehensive survey of state-of-the-art reaction systems, five key features with multiple values have been identified, facilitating a homogeneous comparison between the different works. In addition, through a meticulous methodology of article collection, the 22 most relevant publications in the field have been selected. Each of these publications has then been subjected to a detailed analysis using the features identified, which has allowed for the generation of a comprehensive overview revealing significant relationships between the papers. These relationships are further elaborated in the paper, along with the identification of potential gaps in the literature, which may guide future contributions. A total of seven research challenges have been identified, pointing out these potential gaps and suggesting possible areas of development through concrete proposals.
Authors: Sergio Bernardez Molina, Pantaleone Nespoli, Félix Gómez Mármol