Explaining Automatically Designed Software Defined Perimeters with a Two Phase Evolutionary Computation System
Created by W.Langdon from
gp-bibliography.bib Revision:1.7906
- @InProceedings{frazier:2024:GECCOcomp,
-
author = "James Gunder Frazier and Thomas Helmuth",
-
title = "Explaining Automatically Designed Software Defined
Perimeters with a Two Phase Evolutionary Computation
System",
-
booktitle = "Evolutionary Computation and Decision Making",
-
year = "2024",
-
editor = "Tinkle Chugh and Richard Allmendinger",
-
pages = "1527--1535",
-
address = "Melbourne, Australia",
-
series = "GECCO '24",
-
month = "14-18 " # jul,
-
organisation = "SIGEVO",
-
publisher = "Association for Computing Machinery",
-
publisher_address = "New York, NY, USA",
-
keywords = "genetic algorithms, genetic programming, evolutionary
computation, decision making, cybersecurity, networks",
-
isbn13 = "979-8-4007-0495-6",
-
DOI = "doi:10.1145/3638530.3664155",
-
size = "9 pages",
-
abstract = "Software Defined Perimeter (SDP) is a zero-trust
network-isolation defense technique which aims to limit
security risks by giving dynamic account type
assignments to network users. Despite SDP being proven
as an effective defense strategy in various domains, it
has yet to see wide-spread use due to its drawbacks.
One of SDP's most pressing issues is the need for an
expert to manually configure it for each unique
application. Here we describe a novel system for
designing SDP networks called SDPush which can
automatically design and analyze possible
configurations for a given network with
user-specifications. Since there is not a systematic
approach for account type design and assignment, we
develop a two-step optimization system consisting of a
bitstring genetic algorithm and a genetic programming
sub-system for designing and evaluating SDP networks
respectively. In order to evolve an SDP configuration
exhibiting the user-specified characteristics while
also minimizing security risk, we implement our system
to support multi-objective search spaces by providing
the system's training set with different cases aimed at
evaluating different aspects of the network
configuration. We present initial results of
experiments on networks of varying size and
characteristic requirements.",
-
notes = "GECCO-2024 EC+DM A Recombination of the 33rd
International Conference on Genetic Algorithms (ICGA)
and the 29th Annual Genetic Programming Conference
(GP)",
- }
Genetic Programming entries for
James Gunder Frazier
Thomas Helmuth
Citations