Improving Cyber Resiliency through Microsegmentation Policy Optimization
Software Engineering Institute
This talk examines an approach for improving cyber resilience through the synthesis of optimal microsegmentation policy for a network. By leveraging a microsegmentation security architecture, we can reason about fine-grained policy rules that enforce access for given combinations of source address, destination address, destination port, and protocol. Our approach determines microsegmentation policy rules that limit adversarial movement within a network according to assumed attack scenarios and mission availability needs. For this problem, we formulate a novel optimization objective function that balances cyberattack risks against accessibility to critical network resources. Given the application of a particular set of policy rules as a candidate optimal solution, this objective function estimates the adversary effort for carrying out a particular attack scenario, which it balances against the extent to which the solution restricts access to mission-critical services. We then apply artificial intelligence techniques (evolutionary programming) to learn microsegmentation policy rules that optimize this objective function.
Attendees will learn a novel approach for formulating optimal access-control policy that allows a tunable tradeoff between thwarting adversarial scenarios and maintaining mission-critical network access.
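The idea in the abstract can be sketched in a few lines; this is an added example, not the speaker's code or objective function. The five-host network, the per-flow effort weights, the weighted-sum form of the objective, the `CAP` value and the single-flip mutation scheme are all assumptions constructed for illustration.

```python
import heapq, random

# Constructed candidate flows: (src, dst, dst_port, proto, adversary_effort, mission_critical)
FLOWS = [
    ("ws",    "web", 443,  "tcp", 1, True),
    ("web",   "app", 8443, "tcp", 2, True),
    ("app",   "db",  5432, "tcp", 3, True),
    ("ws",    "db",  5432, "tcp", 1, False),
    ("ws",    "app", 22,   "tcp", 1, False),
    ("admin", "db",  22,   "tcp", 1, True),
    ("web",   "db",  5432, "tcp", 1, False),
]
CAP = 10  # effort credited when the scenario has no remaining path (assumed)

def adversary_effort(policy, start="ws", target="db"):
    """Cheapest attack path over allowed flows (Dijkstra); CAP if unreachable."""
    dist, heap = {start: 0}, [(0, start)]
    while heap:
        d, node = heapq.heappop(heap)
        if node == target:
            return min(d, CAP)
        if d > dist.get(node, CAP):
            continue
        for allow, (src, dst, _, _, cost, _) in zip(policy, FLOWS):
            if allow and src == node and d + cost < dist.get(dst, CAP):
                dist[dst] = d + cost
                heapq.heappush(heap, (d + cost, dst))
    return CAP

def mission_access(policy):
    """Fraction of mission-critical flows the policy still allows."""
    need = [a for a, f in zip(policy, FLOWS) if f[5]]
    return sum(need) / len(need)

def objective(policy, alpha):
    """alpha weights adversary effort; 1 - alpha weights mission access."""
    return alpha * adversary_effort(policy) / CAP + (1 - alpha) * mission_access(policy)

def evolve(alpha, pop_size=20, generations=200, seed=1):
    """Mutation-only evolutionary search with elitist (mu + mu) selection."""
    rng = random.Random(seed)
    pop = [tuple([1] * len(FLOWS))] * pop_size      # start from allow-all
    for _ in range(generations):
        kids = []
        for p in pop:
            i = rng.randrange(len(FLOWS))           # flip one rule: allow <-> deny
            kids.append(p[:i] + (1 - p[i],) + p[i + 1:])
        pop = sorted(set(pop + kids), key=lambda p: objective(p, alpha), reverse=True)[:pop_size]
    return pop[0]
```

With `alpha=0.3` the search denies only the three non-mission flows and leaves every mission flow open; with `alpha=0.7` it also gives up one mission-critical flow to cut the `ws` to `db` scenario off entirely, which is the tunable tradeoff the abstract describes.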
Dr. Steven Noel is a Principal Cybersecurity Researcher in MITRE’s Cyber Solutions Innovation Center. He earned his PhD in Computer Science from the University of Louisiana at Lafayette in 2001. For 20+ years, he has led multi-disciplinary teams conducting advanced research in cybersecurity. Areas of particular focus include cyber situational understanding, cyberattack response, vulnerability path analysis, optimal network hardening, and mission impact analysis. He led the development of the CyGraph and Cauldron technologies for graph-based cybersecurity modeling, analysis, and visualization. These technologies have been transitioned to both the government and commercial sectors and deployed in a wide range of customer environments. Dr. Noel has also served as Associate Director of the Center for Secure Information Systems at George Mason University (2001-2013). He holds 10 patents, plus 4 pending. He has 4500+ citations in Google Scholar (h-index 32, i10-index 46).