Detecting Network Intrusions via Sampling: A Game Theoretic Approach

Authors

  • Murali S. Kodialam
  • T. V. Lakshman

Abstract

In this paper, we consider the problem of detecting an intruding packet in a communication network. Detection is accomplished by sampling a portion of the packets transiting selected network links (or router interfaces). Since sampling entails incurring network costs for real-time packet sampling and packet examination hardware, we would like to develop a network packet sampling strategy to effectively detect network intrusions while not exceeding a given total sampling budget. We consider this problem in a game theoretic framework, where the intruder picks paths (or the network ingress point if only shortest path routing is possible) to minimize chances of detection and where the network operator chooses a sampling strategy to maximize the chances of detection. We formulate the game theoretic problem, and develop sampling schemes that are optimal in this game theoretic setting.

Similar resources

Considering chain to chain competition in forward and reverse logistics of a dynamic and integrated supply chain network design problem

In this paper, a bi-objective model is presented for dynamic and integrated network design of a new entrant competitive closed-loop supply chain. To consider dynamism and integration in the network design problem, multiple long-term periods are regarded during planning horizon, so that each long-term period includes several short-term periods. Furthermore, a chain to chain competition between t...

Game Theoretic Solutions to Cyber Attack and Network Defense Problems

There are increasing needs for research in the area of cyber situational awareness. The protection and defense against cyber attacks to computer network is becoming inadequate as the hacker knowledge sophisticates and as the network and each computer system become more complex. Current methods for alert correlation to detect ...

Cooperative game theoretic approach using fuzzy Q-learning for detecting and preventing intrusions in wireless sensor networks

Owing to the distributed nature of denial-of-service attacks, it is tremendously challenging to detect such malicious behavior using traditional intrusion detection systems in Wireless Sensor Networks (WSNs). In the current paper, a game theoretic method is introduced, namely cooperative Game-based Fuzzy Q-learning (G-FQL). G-FQL adopts a combination of both the game theoretic approach and the ...

Two-tier Supplier Base Efficiency Evaluation Via Network DEA: A Game Theory Approach

In today's competitive markets, firms try to reduce their supply cost by selecting efficient suppliers using different techniques. Several methods can be applied to evaluate the efficiency of supplier base. This paper develops generalized network data envelopment analysis models to examine the efficiency of two-tier supplier bases under cooperative and non-cooperative strategies where each tier...

Game-Theoretic Approach for Pricing Decisions in Dual-Channel Supply Chain

In the current study, a dual-channel supply chain is considered containing one manufacturer and two retailers. It is assumed that the manufacturer and retailers have the same decision powers. A game-theoretic approach is developed to analyze pricing decisions under the centralized and decentralized scenarios. First, the Nash model is established to obtain the equilibrium decisions in the decent...

Publication date: 2003