Core Concepts
Maximizing defender's response time in Active Directory networks using decoys.
Stats
Response time is defined as the duration from the moment attackers trigger the first decoy to when they compromise the DA.
The algorithm for computing optimal attack paths is based on finding the earliest-arrival path.
The Dijkstra-based algorithm for computing earliest-arrival paths is more efficient than Wu's algorithm.
The EDO algorithm aims to acquire diverse defensive plans for maximizing response time.