I am mostly working on a project called Simulated Penetration Testing and Mitigation Analysis which aims at applying classical AI planning methods for simulating attackers in large computer networks. These networks can range from small corporate networks to internet-wide infrastructures.
As Prof. Jörg Hoffmann says in his great Everything You Always Wanted to Know About Planning (But Were Afraid to Ask) summary: "Planning is the problem of selecting a goal-leading course of actions based on a high-level description of the world". Thus, the idea for our use case is to model network attacks in a description language and let a planning solver algorithm compute the goal-leading actions for our assumed attacker.
I am not only working on simulating attacks in networks, but also on simulating defender-attacker Stackelberg games which we call Stackelberg Planning. In a nutshell, the defender tries to minimize the attacker's success while at the same time minimizing its own cost.
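The defender-attacker trade-off described above, as an added toy example that is not the project's framework or code: the defender commits to a set of mitigations, the attacker answers with its cheapest remaining attack plan, and the non-dominated defender choices form a Pareto frontier. The network, costs and mitigation names are constructed assumptions, attacker success is simplified to the cost of the cheapest plan, and brute-force enumeration with Dijkstra stands in for a planning solver.

```python
import heapq
from itertools import combinations

# Constructed toy network: (source, target) -> attacker cost of that abstract action
ACTIONS = {
    ("internet", "web"): 2, ("internet", "mail"): 3,
    ("web", "db"): 4, ("mail", "db"): 1,
}
# Constructed defender mitigations: name -> (defender cost, attacker actions removed)
MITIGATIONS = {
    "patch_web": (3, {("internet", "web")}),
    "filter_mail": (2, {("internet", "mail")}),
    "segment_db": (6, {("web", "db"), ("mail", "db")}),
}
INF = float("inf")

def attacker_cost(removed, start="internet", goal="db"):
    """Attacker's best response: cheapest remaining action sequence (Dijkstra)."""
    dist, queue = {start: 0}, [(0, start)]
    while queue:
        d, node = heapq.heappop(queue)
        if node == goal:
            return d
        if d > dist[node]:
            continue  # stale queue entry
        for (src, dst), cost in ACTIONS.items():
            usable = src == node and (src, dst) not in removed
            if usable and d + cost < dist.get(dst, INF):
                dist[dst] = d + cost
                heapq.heappush(queue, (d + cost, dst))
    return INF  # goal unreachable: the attack is fully prevented

def pareto_frontier():
    """Enumerate defender strategies; keep those not dominated in
    (defender spend, attacker cost)."""
    outcomes = []
    names = sorted(MITIGATIONS)
    for k in range(len(names) + 1):
        for chosen in combinations(names, k):
            removed = set().union(*(MITIGATIONS[m][1] for m in chosen))
            spend = sum(MITIGATIONS[m][0] for m in chosen)
            outcomes.append((spend, attacker_cost(removed), chosen))
    frontier = []
    # Cheapest defences first; keep one only if it strictly raises the attacker's cost.
    for spend, atk, chosen in sorted(outcomes, key=lambda o: (o[0], -o[1])):
        if not frontier or atk > frontier[-1][1]:
            frontier.append((spend, atk, chosen))
    return frontier
```

In this constructed instance the single expensive mitigation `segment_db` never appears on the frontier, because the two cheaper entry-point mitigations together block the goal for less.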
We applied our Stackelberg Planning framework to the email infrastructure and presented our results at EuroS&P 2018, CEBIT 2018, and on mitigations.whocontrolstheinternet.com.
We developed an improved version of this website, available at project.cispa.io/fd-in-browser/, which additionally allows you to solve arbitrary Planning tasks with FastDownward running as WebAssembly code in your browser.
We also applied our Stackelberg Planning framework to the web infrastructure and published our results in ACM Transactions on Privacy and Security and as a web-based GUI at mitigation-web.github.io.