:: Research ::

A Game Theory Inspired Defense Architecture (GIDA)


AVOIDIT: A Cyber Attack Taxonomy
AVOIDIT is a cyber attack taxonomy that classifies attack vectors to assist defenders with disseminating defense strategies. We use five major classifiers to characterize the nature of an attack: classification by attack vector, by attack target, by operational impact, by informational impact, and by defense. The taxonomy is presented in a tree-like structure to neatly classify attack vectors and the common vulnerabilities used to launch cyber attacks. We believe AVOIDIT offers a foundation for the cyber security community and can continue to grow as attacks and defenses become more sophisticated.
We foresee AVOIDIT as a repository schema for a knowledge management system within a local network. A knowledge management system (KMS) draws on knowledge from subject matter experts and prior data to create a system where information can be shared throughout the organization. The goal is to create an organization that is resilient to attacks in all functional areas. The KMS will enable attack data to flow more accurately within an organization. AVOIDIT KMS will utilize the Game Theoretic Inspired Defense Architecture System to investigate the applicability of determining the action space of the defender and attacker. AVOIDIT KMS will integrate attack information into the GIDA architecture, making it easier for game agents to locate the most relevant defense mechanism.

Figure - AVOIDIT KMS: A Cyber Attack Taxonomy Knowledge Management System