Di Li,Zhibang Yang,Siyang Yu,Mingxing Duan,Shenghong Yang

DOI: https://doi.org/10.3390/fi16090320

2024-09-05

Future Internet

Abstract:As information technology continues to evolve, cloud data centres have become increasingly prominent as the preferred infrastructure for data storage and processing. However, this shift has introduced a new array of security challenges, necessitating innovative approaches distinct from traditional network security architectures. In response, the Zero Trust Architecture (ZTA) has emerged as a promising solution, with micro-segmentation identified as a crucial component for enabling continuous auditing and stringent security controls. VxLAN technology is widely utilized in data centres for tenant isolation and virtual machine interconnection within tenant environments. Despite its prevalent use, limited research has focused on its application in micro-segmentation scenarios. To address this gap, we propose a method that leverages VLAN and VxLAN many-to-one mapping, requiring that all internal data centre traffic routes through the VxLAN gateway. This method can be implemented cost-effectively, without necessitating business modifications or causing service disruptions, thereby overcoming the challenges associated with micro-segmentation deployment. Importantly, this approach is based on standard public protocols, making it independent of specific product brands and enabling a network-centric framework that avoids software compatibility issues. To assess the effectiveness of our micro-segmentation approach, we provide a comprehensive evaluation that includes network aggregation and traffic visualization. Building on the implementation of micro-segmentation, we also introduce an enhanced asset behaviour algorithm. This algorithm constructs behavioural profiles based on the historical traffic of internal network assets, enabling the rapid identification of abnormal behaviours and facilitating timely defensive actions. Empirical results demonstrate that our algorithm is highly effective in detecting anomalous behaviour in intranet assets, making it a powerful tool for enhancing security in cloud data centres. In summary, the proposed approach offers a robust and efficient solution to the challenges of micro-segmentation in cloud data centres, contributing to the advancement of secure and reliable cloud infrastructure.

Mahmood Yousefi-Azar,Mohamed-Ali Kaafar,Andy Walker

DOI: https://doi.org/10.48550/arXiv.2003.11231

2020-03-25

Abstract:Micro-segmentation is a network security technique that requires delivering services for each unique segment. To do so, the first stage is defining these unique segments (a.k.a security groups) and then initializing policy-driven security controls. In this paper, we propose an unsupervised learning technique that covers both the security grouping and policy creation. For the network asset grouping, we develop a distance-based machine learning algorithm using the dynamic behavior of the assets. That is, after observing the entire network logs, our unsupervised learning algorithm suggests partitioning network assets into the groups. A key point of this un-supervised technique is that the grouping is only generated during the training phase and remains valid during the testing phase. The outcome of the grouping stage is then fed into the rules (security policies) creation stage enabling to establish the security groups as the lowest granularity of firewall rules. We conducted both quantitative and qualitative experiments and demonstrate the good performance of our network micro-segmentation approach. We further developed a prototype to validate the run-time performance of our approach at scale in a real-world environment. The hyper-parameters of our approach provides users with a flexible model to be fine-tuned to adapt very easily with the enterprise's security governance.

Cryptography and Security

Xian Guo,Hongbo Xian,Tao Feng,Yongbo Jiang,Di Zhang,Junli Fang

DOI: https://doi.org/10.7717/peerj-cs.1674

2023-11-17

Abstract:Software-defined networking (SDN) faces many of the same security threats as traditional networks. The separation of the SDN control plane and data plane makes the controller more vulnerable to cyber attacks. The conventional "perimeter defense" network security model cannot prevent lateral movement attacks caused by malicious insider users or hardware and software vulnerabilities. The "zero trust architecture" has become a new security network model to protect enterprise network security. In this article, we propose an intelligent zero-trust security framework IZTSDN for the software-defined networking by integrating deep learning and zero-trust architecture, which adopts zero-trust architecture to protect every resource and network connection in the network. IZTSDN uses a traffic anomaly detection mode CALSeq2Seql based on a deep learning algorithm to analyze users' network behavior in real-time and achieve continuous tracking and analysis of users, restrict malicious users from accessing network resources, and realize the dynamic authorization process. Finally, the Mininet simulation platform is extended to build the simulation platform MiniIZTA supporting zero-trust architecture and the proposed security framework IZTSDN is experimentally analyzed. The experimental results show that the IZTSDN security framework can provide about 80.5% of throughput when the network is attacked. The accuracy of abnormal traffic detection reaches 99.56% on the SDN dataset, which verifies that the reliability and availability of the IZTSDN security framework are verified.

Mengru Tsai,Shanhsin Lee,Shiuhpyng Winston Shieh

DOI: https://doi.org/10.1109/tr.2023.3345665

IF: 5.883

2024-03-09

IEEE Transactions on Reliability

Abstract:In recent years, due to the impact of the COVID-19 pandemic, enterprises have been forced to adapt their operation patterns to ensure resilience, transitioning from traditional office-based work to remote work from home. However, this sudden and unforeseen change has made enterprises unprepared, resulting in a dramatic increase in cybersecurity threats. The most significant challenge arises from the adjustment from working in previously trusted areas to that beyond the boundaries of protection. While employees used to work within the company's defense perimeter, malicious attacks were blocked and detected by boundary security gateways. Shifting to remote work moves employees out of the protective environment, thereby their devices connecting to the internal resources of a company become exploitable targets for threat actors, and weaknesses in the internal authentication, authorization, and access control mechanisms become evident. The zero trust architecture (ZTA) approach is primarily focused on resource protection. When users or services attempt to access resources, ZTA requires precise authentication, minimal authorization, and continuous verification (trust inference) to ensure legitimacy and authorization of the resource usage, eliminating any space for assumed or inherited trust. In this article, we will address the challenges in handling the threats and propose the strategies, implementation, and limitation of ZTA, aiming to shed light on its effectiveness and applicability in mitigating cybersecurity risks.

engineering, electrical & electronic,computer science, software engineering, hardware & architecture

Poonam Dhiman,Neha Saini,Yonis Gulzar,Sherzod Turaev,Amandeep Kaur,Khair Ul Nisa,Yasir Hamid

DOI: https://doi.org/10.3390/s24041328

IF: 3.9

2024-02-19

Sensors

Abstract:The Zero Trust safety architecture emerged as an intriguing approach for overcoming the shortcomings of standard network security solutions. This extensive survey study provides a meticulous explanation of the underlying principles of Zero Trust, as well as an assessment of the many strategies and possibilities for effective implementation. The survey begins by examining the role of authentication and access control within Zero Trust Architectures, and subsequently investigates innovative authentication, as well as access control solutions across different scenarios. It more deeply explores traditional techniques for encryption, micro-segmentation, and security automation, emphasizing their importance in achieving a secure Zero Trust environment. Zero Trust Architecture is explained in brief, along with the Taxonomy of Zero Trust Network Features. This review article provides useful insights into the Zero Trust paradigm, its approaches, problems, and future research objectives for scholars, practitioners, and policymakers. This survey contributes to the growth and implementation of secure network architectures in critical infrastructures by developing a deeper knowledge of Zero Trust.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Priya Parameswarappa,

DOI: https://doi.org/10.55083/irjeas.2022.v10i03013

2022-09-04

Abstract:Model-based security metrics are an emerging topic of cyber security research that focuses on assessing an information system's risk exposure. We propose an end-to-end solution with the deployment of a zero-trust network utilising Artificial Intelligence in this article to understand the security posture of a system before it is rolled out and as it matures. The major part contains a discussion about the key methods and techniques which was utilized in the development process and simplified operation principles of each developed process. Some developed processes were tested practically to evaluate the problems in the processes. Modules for automatic processing and data analysis were also developed. These modules can be connected in case it is needed. The most important data collection methods were benchmarked to detect problematic situations in the operation in different realistic situations. With the perception from the benchmark test, the problematic parts of the data collection were discovered and proposals for the solution were made which could be developed and tested in the next iterations of the development process. Working Artificial intelligence-based detection and data enrichment methods were created. The results of the article allow multiple continuous research and development projects related to data collection and data analysis with statistical and artificial intelligence-based methods.

Yinqiu Liu,Guangyuan Liu,Hongyang Du,Dusit Niyato,Jiawen Kang,Zehui Xiong,Dong In Kim,Xuemin Shen

2024-06-20

Abstract:In the rapidly evolving Next-Generation Networking (NGN) era, the adoption of zero-trust architectures has become increasingly crucial to protect security. However, provisioning zero-trust services in NGNs poses significant challenges, primarily due to the environmental complexity and dynamics. Motivated by these challenges, this paper explores efficient zero-trust service provisioning using hierarchical micro-segmentations. Specifically, we model zero-trust networks via hierarchical graphs, thereby jointly considering the resource- and trust-level features to optimize service efficiency. We organize such zero-trust networks through micro-segmentations, which support granular zero-trust policies efficiently. To generate the optimal micro-segmentation, we present the Large Language Model-Enhanced Graph Diffusion (LEGD) algorithm, which leverages the diffusion process to realize a high-quality generation paradigm. Additionally, we utilize policy boosting and Large Language Models (LLM) to enable LEGD to optimize the generation policy and understand complicated graphical features. Moreover, realizing the unique trustworthiness updates or service upgrades in zero-trust NGN, we further present LEGD-Adaptive Maintenance (LEGD-AM), providing an adaptive way to perform task-oriented fine-tuning on LEGD. Extensive experiments demonstrate that the proposed LEGD achieves 90% higher efficiency in provisioning services compared with other baselines. Moreover, the LEGD-AM can reduce the service outage time by over 50%.

Networking and Internet Architecture

Hichem Sedjelmaci,Nesrine Kaaniche,Kamel Tourki

DOI: https://doi.org/10.1007/s10922-024-09807-x

2024-03-14

Journal of Network and Systems Management

Abstract:The upcoming sixth generation (6 G) networks present significant security challenges due to the growing demand for virtualization, as indicated by their key performance indicators (KPIs). To ensure communication secrecy in such a distributed network, we propose an intelligent zero trust (ZT) framework that safeguards the radio access network (RAN) from potential threats. Our proposed ZT model is specifically designed to cater to the distributed nature of 6 G networks. It accommodates secrecy modules in various nodes, such as the base station, core network, and cloud, to monitor the network while performing hierarchical and distributed threat detection. This approach enables the distributed modules to work together to efficiently identify and respond to the suspected RAN threats. As a RAN security use case, we address the intrusion detection issues of the 6 G-enabled internet of drones. Our simulation results show the robustness of our ZT framework, which is based on distributed security modules, against potential attacks. The framework exhibits low detection time and low false positives, making it a reliable solution for securing 6 G networks. Furthermore, the ZT model enables the accommodation of secrecy modules in various nodes and provides the needed enhanced security measures in the network.

computer science, information systems,telecommunications

Mahmud Hasan

2024-10-24

Abstract:Zero Trust Architecture (ZTA) represents a transformative approach to modern cybersecurity, directly addressing the shortcomings of traditional perimeter-based security models. With the rise of cloud computing, remote work, and increasingly sophisticated cyber threats, perimeter defenses have proven ineffective at mitigating risks, particularly those involving insider threats and lateral movement within networks. ZTA shifts the security paradigm by assuming that no user, device, or system can be trusted by default, requiring continuous verification and the enforcement of least privilege access for all entities. This paper explores the key components of ZTA, such as identity and access management (IAM), micro-segmentation, continuous monitoring, and behavioral analytics, and evaluates their effectiveness in reducing vulnerabilities across diverse sectors, including finance, healthcare, and technology. Through case studies and industry reports, the advantages of ZTA in mitigating insider threats and minimizing attack surfaces are discussed. Additionally, the paper addresses the challenges faced during ZTA implementation, such as scalability, integration complexity, and costs, while providing best practices for overcoming these obstacles. Lastly, future research directions focusing on emerging technologies like AI, machine learning, blockchain, and their integration into ZTA are examined to enhance its capabilities further.

Cryptography and Security

Mohammed Alabbad,Neerja Mhaskar,Ridha Khedri

DOI: https://doi.org/10.1016/j.jnca.2024.103851

IF: 7.574

2024-04-01

Journal of Network and Computer Applications

Abstract:We study the problem of hardening the security of existing networks. Dynamic and static analysis are two main approaches that are used to address this problem. Dynamic analysis is performed using penetration testing. Penetration testing (short pentesting) simulates attacks on an existing and possibly dynamic network to identify its vulnerabilities without causing it any harm. Static analysis analyzes the access control policies of both network resources and firewalls without executing them. Although, dynamic and static analysis are extremely useful approaches, they also have several drawbacks. For instance, they do not identify vulnerabilities resulting from weak network segmentation, improper implementation of the Defence in Depth strategy, and an increased attack surface for a given resource or firewall. In this paper, we propose a novel approach termed as the referential penetration testing (RPT) approach to evaluate the security of networks. The RPT approach evaluates the network and checks for segmentation flaws, while checking for other traditional vulnerabilities. We then propose a novel framework, called the RPT framework, that incorporates the RPT approach to identify vulnerabilities in networks. The proposed framework is an application of the Digital Twin Technology in network security. We compare RPT to the network vulnerabilities assessment tools Nessus, OpenVAS, Qualys, Illumio, Tufin, and AlgoSec. The comparison reveals that RPT is different from the other tools on all the considered technical aspects, which indicates that it brings a novel approach to assess network segmentation. It has a very limited focus compared to the others, which makes it suitable for being used in combination with anyone of them to further enhance the robustness of the segmentation. Finally, we implement this framework in the Software Defined Network (SDN) environment and discuss its usefulness.

computer science, interdisciplinary applications, software engineering, hardware & architecture

Igor Ivkić,Dominik Thiede,Nicholas Race,Matthew Broadbent,Antonios Gouglidis

DOI: https://doi.org/10.1007/978-3-031-68165-3_4

2024-08-21

Abstract:Cloud computing has grown in importance in recent years which has led to a significant increase in Data Centre (DC) network requirements. A major driver of this change is virtualisation, which allows computing resources to be deployed on a large scale. However, traditional DCs, with their network topology and proliferation of network endpoints, are struggling to meet the flexible, centrally managed requirements of cloud computing applications. Software-Defined Networks (SDN) promise to offer a solution to these growing networking requirements by separating control functions from data routing. This shift adds more flexibility to networks but also introduces new security issues. This article presents a framework for evaluating security of SDN architectures. In addition, through an experimental study, we demonstrate how this framework can identify the threats and vulnerabilities, calculate their risks and severity, and provide the necessary measures to mitigate them. The proposed framework helps administrators to evaluate SDN security, address identified threats and meet network security requirements.

Cryptography and Security,Networking and Internet Architecture

Zhiqiang Wang,Xinyue Yu,Peiyang Xue,Yunhan Qu,Lei Ju

DOI: https://doi.org/10.3390/s23073774

2023-04-06

Abstract:With the rapid development of Internet of Things technology, cloud computing, and big data, the combination of medical systems and information technology has become increasingly close. However, the emergence of intelligent medical systems has brought a series of network security threats and hidden dangers, including data leakage and remote attacks, which can directly threaten patients' lives. To ensure the security of medical information systems and expand the application of zero trust in the medical field, we combined the medical system with the zero-trust security system to propose a zero-trust medical security system. In addition, in its dynamic access control module, based on the RBAC model and the calculation of user behavior risk value and trust, an access control model based on subject behavior evaluation under zero-trust conditions (ABEAC) was designed to improve the security of medical equipment and data. Finally, the feasibility of the system is verified through a simulation experiment.

Li Yang,Mirna El Rajab,Abdallah Shami,Sami Muhaidat

DOI: https://doi.org/10.1109/tnsm.2024.3376631

2024-01-01

IEEE Transactions on Network and Service Management

Abstract:Zero-Touch Networks (ZTNs) represent a state-of-the-art paradigm shift towards fully automated and intelligent network management, enabling the automation and intelligence required to manage the complexity, scale, and dynamic nature of next-generation (6G) networks. ZTNs leverage Artificial Intelligence (AI) and Machine Learning (ML) to enhance operational efficiency, support intelligent decision-making, and ensure effective resource allocation. However, the implementation of ZTNs is subject to security challenges that need to be resolved to achieve their full potential. In particular, two critical challenges arise: the need for human expertise in developing AI/ML-based security mechanisms, and the threat of adversarial attacks targeting AI/ML models. In this survey paper, we provide a comprehensive review of current security issues in ZTNs, emphasizing the need for advanced AI/ML-based security mechanisms that require minimal human intervention and protect AI/ML models themselves. Furthermore, we explore the potential of Automated ML (AutoML) technologies in developing robust security solutions for ZTNs. Through case studies, we illustrate practical approaches to securing ZTNs against both conventional and AI/ML-specific threats, including the development of autonomous intrusion detection systems and strategies to combat Adversarial ML (AML) attacks. The paper concludes with a discussion of the future research directions for the development of ZTN security approaches.

computer science, information systems

Leonard Bradatsch,Oleksandr Miroshkin,Natasa Trkulja,Frank Kargl

DOI: https://doi.org/10.48550/arXiv.2402.08299

2024-02-13

Abstract:Zero Trust security has recently gained attention in enterprise network security. One of its key ideas is making network-level access decisions based on trust scores. However, score-based access control in the enterprise domain still lacks essential elements in our understanding, and in this paper, we contribute with respect to three crucial aspects. First, we provide a comprehensive list of 29 trust attributes that can be used to calculate a trust score. By introducing a novel mathematical approach, we demonstrate how to quantify these attributes. Second, we describe a dynamic risk-based method to calculate the trust threshold the trust score must meet for permitted access. Third, we introduce a novel trust algorithm based on Subjective Logic that incorporates the first two contributions and offers fine-grained decision possibilities. We discuss how this algorithm shows a higher expressiveness compared to a lightweight additive trust algorithm. Performance-wise, a prototype of the Subjective Logic-based approach showed similar calculation times for making an access decision as the additive approach. In addition, the dynamic threshold calculation showed only 7% increased decision-making times compared to a static threshold.

Cryptography and Security

Clement Daah,Amna Qureshi,Irfan Awan,Savas Konur

DOI: https://doi.org/10.3390/electronics13050865

IF: 2.9

2024-02-23

Electronics

Abstract:As financial institutions navigate an increasingly complex cyber threat landscape and regulatory ecosystem, there is a pressing need for a robust and adaptive security architecture. This paper introduces a comprehensive, Zero Trust model-based framework specifically tailored for the finance industry. It encompasses identity and access management (IAM), data protection, and device and network security and introduces trust through blockchain technology. This study provides a literature review of existing Zero Trust paradigms and contrasts them with cybersecurity solutions currently relevant to financial settings. The research adopts a mixed methods approach, combining extensive qualitative analysis through a literature review and assessment of security assumptions, threat modelling, and implementation strategies with quantitative evaluation using a prototype banking application for vulnerability scanning, security testing, and performance testing. The IAM component ensures robust authentication and authorisation processes, while device and network security measures protect against both internal and external threats. Data protection mechanisms maintain the confidentiality and integrity of sensitive information. Additionally, the blockchain-based trust component serves as an innovative layer to enhance security measures, offering both tamper-proof verification and increased integrity. Through analysis of potential threats and experimental evaluation of the Zero Trust model's performance, the proposed framework offers financial institutions a comprehensive security architecture capable of effectively mitigating cyber threats and fostering enhanced consumer trust.

engineering, electrical & electronic,computer science, information systems,physics, applied

Charalampos Katsis,Elisa Bertino

2024-11-22

Abstract:Zero Trust (ZT) is a security paradigm aiming to curtail an attacker's lateral movements within a network by implementing least-privilege and per-request access control policies. However, its widespread adoption is hindered by the difficulty of generating proper rules due to the lack of detailed knowledge of communication requirements and the characteristic behaviors of communicating entities under benign conditions. Consequently, manual rule generation becomes cumbersome and error-prone. To address these problems, we propose ZT-SDN, an automated framework for learning and enforcing network access control in Software-Defined Networks. ZT-SDN collects data from the underlying network and models the network "transactions" performed by communicating entities as graphs. The nodes represent entities, while the directed edges represent transactions identified by different protocol stacks observed. It uses novel unsupervised learning approaches to extract transaction patterns directly from the network data, such as the allowed protocol stacks and port numbers and data transmission behavior. Finally, ZT-SDN uses an innovative approach to generate correct access control rules and infer strong associations between them, allowing proactive rule deployment in forwarding devices. We show the framework's efficacy in detecting abnormal network accesses and abuses of permitted flows in changing network conditions with real network datasets. Additionally, we showcase ZT-SDN's scalability and the network's performance when applied in an SDN environment.

Cryptography and Security

Ganiyu Oladimeji

2024-11-09

Abstract:This review discusses the theoretical frameworks and application prospects of Zero Trust Security (ZTS) in cloud computing context. This is because, as organisations move more of their applications and data to the cloud, the old borders-based security model that many implemented are inadequate, therefore a model that has a trust no one, verify everything approach is required. This paper analyzes the core principles of ZTS, including micro-segmentation, least privileged access, and continuous monitoring, while critically examining four major controversies: scalability issues, Economics, Integration issues with existing systems, and Compliance to legal requirements. In this paper, having reviewed the existing literature in the field and various implementation cases, the main barriers to implementing zero trust security were outlined, including the dimensions of decreased performance in large-scale production and the need for major upfront investments that can be difficult for small companies to meet effectively. This research shows that there is no clear correlation between security effectiveness and operational efficiency: while organisations experience up to 40% decrease of security incidents after implementation, they note first negative impacts on performance. This study also shows that to support ZTS there is a need to address the context as the economics and operations of ZTS differ in strengths depending on the size of the organizations and the infrastructures. Some of these are: performance enhancement and optimizations, economic optimization, architectural blend, and privacy-preserving technologies. This review enriches the existing literature on cloud security by presenting both the theoretical framework of ZTS and the observed issues, and provides suggestions useful for future research and practice in the construction of the cloud security architecture.

Cryptography and Security,Emerging Technologies

Nitesh Kumar,Gaurav S. Kasbekar,D. Manjunath

DOI: https://doi.org/10.1145/3595244.3595247

2023-04-26

ACM SIGMETRICS Performance Evaluation Review

Abstract:Traditionally, security systems for enterprises have implicit access based on strong cryptography, authentication and key sharing, wherein access control is based on Role Based Access Control (RBAC), in which roles such as manager, accountant and so on provide a way of deciding a subject's authority. However, years of post-attack analysis on enterprise networks has shown that a majority of times, security breaches occur intentionally or accidently due to implicitly trusted people of an enterprise itself. Zero Trust Architecture works on the principle of never granting trust implicitly, but rather continuously evaluating the trust parameters for each resource access request and has a strict, but not rigid, set of protocols for access control of a subject to resources. Endpoint Detection and Response (EDR) systems are tools that collect a large number of attributes in and around machines within an enterprise network to have close visibility into sophisticated intrusion. In our work, we seek to deploy EDR systems and build trust algorithms using tactical provenance analysis, threshold cryptography and reputation management to continuously record data, evaluate trust of a subject, and simultaneously analyze them against a database of known threat vectors to provide conditional access control. However, EDR tools generate a high volume of data that leads to false alarms, misdetections and correspondingly a high backlog of tasks that makes it infeasible, which is addressed using tactical provenance analysis and information theory.

English Else

Claudio Zanasi,Silvio Russo,Michele Colajanni

DOI: https://doi.org/10.1016/j.adhoc.2024.103414

IF: 4.816

2024-04-01

Ad Hoc Networks

Abstract:The growing digitalization of industrial systems and the increasing adoption of cloud technologies pose significant challenges to the secure management of modern industrial infrastructures integrating different Industrial Internet of Things (IIoT). Existing cybersecurity solutions can manage uniform and centralized software systems but are not designed to accommodate the requirements of heterogeneous IIoT devices, such as hard real-time operations, high reliability, and decentralization for distributed decision-making. We present a novel security architecture that is specifically designed to address the stringent requirements of IIoT systems. It is based on a network micro-segmentation that can be seamlessly integrated into existing environments, and two main components: a software-defined network (SDN) ensuring a unified abstraction layer for policy enforcement across diverse environments; and a centralized security management layer that simplifies the policy execution of any architectural design. We demonstrate the feasibility and effects of this original combination through a prototype. It experimentally demonstrates that our peer-to-peer SDN coupled with an asynchronous policy distribution process guarantees resiliency to individual failures, and enables fully decentralized operations while still ensuring a central flexible management of network topology and security policies.

computer science, information systems,telecommunications

Yunfei Ge,Quanyan Zhu

2023-12-06

Abstract:The increased connectivity and potential insider threats make traditional network defense vulnerable. Instead of assuming that everything behind the security perimeter is safe, the zero-trust security model verifies every incoming request before granting access. This chapter draws attention to the cyber resilience within the zero-trust model. We introduce the evolution from traditional perimeter-based security to zero trust and discuss their difference. Two key elements of the zero-trust engine are trust evaluation (TE) and policy engine (PE). We introduce the design of the two components and discuss how their interplay would contribute to cyber resilience. Dynamic game theory and learning are applied as quantitative approaches to achieve automated zero-trust cyber resilience. Several case studies and implementations are introduced to illustrate the benefits of such a security model.

Cryptography and Security,Computer Science and Game Theory