Proactive Intrusion Detection
Authors
Abstract
Machine learning systems are deployed in many adversarial conditions like intrusion detection, where a classifier has to decide whether a sequence of actions comes from a legitimate user or not. However, the attacker, being an adversarial agent, could reverse engineer the classifier and successfully masquerade as a legitimate user. In this paper, we propose the notion of a Proactive Intrusion Detection System (IDS) that can counter such attacks by incorporating feedback into the process. A proactive IDS influences the user’s actions and observes them in different situations to decide whether the user is an intruder. We present a formal analysis of proactive intrusion detection and extend the adversarial relationship between the IDS and the attacker to present a game theoretic analysis. Finally, we present experimental results on real and synthetic data that confirm the predictions of the analysis.
Similar resources
A Study on Network Intrusion Detection Based on Proactive Mechanism
In the current internet world, people are connected through communication channels and most of their data is hosted on internet-connected resources. Therefore, security is the major concern of this internet community, to protect the resources and to protect the data hosted on these networks. In current trends, most end users are relying on end security products such as Anti...
Key Issues and Challenges of Intrusion Detection and Prevention System: Developing Proactive Protection in Wireless Network Environment
Nowadays wireless technology plays an important role in public and personal communication. However, the growth of wireless networking has confused the traditional boundaries between trusted and untrusted networks. Wireless networks are subject to a variety of threats and attacks at present. An attacker has the ability to listen to all network traffic, which becomes a potential intrusion. Intrus...
Hidden Problems of Asynchronous Proactive Recovery
A node-exhaustion-safe intrusion-tolerant distributed system is a system that assuredly does not suffer more than the assumed number of node failures. In a recent work, we showed that it is not possible to build any type of node-exhaustion-safe distributed f intrusion-tolerant system under the asynchronous model. Some years ago, an intuition about this problem motivated the research around proac...
Combining Proactive and Retroactive Processing for Distributed Complex Event Detection
Complex Event Detection (CED) is a key capability for many monitoring applications such as intrusion detection, sensor-based activity/phenomenon tracking, and network/infrastructure monitoring. Existing CED solutions commonly assume centralized availability and proactive processing of all relevant events, and thus incur significant overhead in distributed settings. In this paper, we present and...
Stop today’s advanced cyber threats with proactive network security: HP N Platform Next-Generation Intrusion Prevention System (NGIPS) - Data Sheet (US English)
HP N Platform Next-Generation Intrusion Prevention System (NGIPS) achieves a new level of in-line, real-time protection, providing proactive network security for today’s and tomorrow’s real-world network traffic and data centers. The N Platform NGIPS’s next-generation architecture adds significant capacity for deep packet traffic inspection, and its modular software design enables the addition ...
Publication date: 2008