ACRS4SDN: An Autonomous Cyber Response System for Software-Defined Networks
Abstract
Software-defined networks (SDNs) are susceptible to a wide variety of known and unknown cyberattacks. With adversaries that are capable of generating automated attacks at high pace and volume, as well as the possibility of system failures that can crop up at any time, it can be difficult for human cybersecurity experts to keep up with the necessary recovery and defense tasks. In this paper, we introduce ACRS4SDN, a system to monitor for, and quickly respond to, attacks and failures that may occur in an SDN. An integral part of ACRS4SDN is its ability to autonomously recover using automated acting and planning, and it does so using a technique called hierarchical refinement. ACRS4SDN recovers a target system from faults and attacks by online planning using attack recovery procedures written as a hierarchical operational model. The autonomous responses orchestrated by ACRS4SDN considerably narrow the gap between cyberattacks and cyber defense, in terms of speed and volume, and we validate this through experimental results on a real SDN across a series of cyberattack scenarios.
Document Details
- Document Type: Technical Report
- Publication Date: Apr 18, 2022
- Accession Number: AD1166980
Entities
People
- Alexander Velazquez
- Bruce Montrose
- Dana S. Nau
- Jim Luo
- Margery Li
- Myong H. Kang
- Sunandita Patra
Organizations
- United States Naval Research Laboratory