AISGA: Multi-objective parameters optimization for countermeasures selection through genetic algorithm

Cyberattacks targeting modern network infrastructures are increasing in number and impact. This growing phenomenon emphasizes the central role of cybersecurity and, in particular, the reaction against ongoing threats targeting assets within the protected system. Such centrality is reflected in the literature, where several works have been presented to propose full-fledged reaction methodologies to tackle offensive incidents’ consequences. In this direction, the work in [18] developed an immuno-based response approach based on the application of the Artificial Immune System (AIS) methodology. That is, the AIS-powered reaction is able to calculate the optimal set of atomic countermeasure to enforce on the asset within the monitored system, minimizing the risk to which those are exposed in a more than adequate time. To further contribute to this line, the paper at hand presents AISGA, a multi-objective approach that leverages the capabilities of a Genetic Algorithm (GA) to optimize the selection of the input parameters of the AIS methodology. Specifically, AISGA selects the optimal ranges of inputs that balance the tradeoff between minimizing the global risk and the execution time of the methodology. Additionally, by flooding the AIS-powered reaction with a wide range of possible inputs, AISGA intends to demonstrate the robustness of such a model. Exhaustive experiments are executed to precisely compute the optimal ranges of parameters, demonstrating that the proposed multi-objective optimization prefers a fast-but-effective reaction.