A game theory based risk and impact analysis method for intrusion defense systems

Yi Luo, Ferenc Szidarovszky, Youssif Al-Nashif, Salim Hariri

Research output: Chapter in Book/Report/Conference proceedingConference contribution

19 Scopus citations

Abstract

An enormous amount of functions in our everyday life became dependent on computer networks. Network attacks become more sophisticated and perplexing. Defending against multi-stage attacks is a challenging process in Intrusion Defense Systems (IDS) due to their complexity. This paper presents a game theory method to analyze the risk and impact of multi-stage attacks in IDS. In this method, the interactions between the attacker and the administrator are modeled as a non-cooperative zero-sum multi-stage game and it is modeled as a min-max game tree where the attacker is the leader and the administrator is the follower. Alternating the actions between the administrator and the attacker forms the game tree, each of them will be allowed to play a single action at any given time. In this work, a new multi-stage attacker defender (MAD) algorithm is developed to help the administrator in defending against multi-stage attacks. The believes of the attacker and the administrator are updated based on the analysis of the life-cycle for the multi-stage attacks to reduce the horizon effect.

Original languageEnglish (US)
Title of host publication2009 IEEE/ACS International Conference on Computer Systems and Applications, AICCSA 2009
Pages975-982
Number of pages8
DOIs
StatePublished - 2009
Event7th IEEE/ACS International Conference on Computer Systems and Applications, AICCSA-2009 - Rabat, Morocco
Duration: May 10 2009May 13 2009

Publication series

Name2009 IEEE/ACS International Conference on Computer Systems and Applications, AICCSA 2009

Other

Other7th IEEE/ACS International Conference on Computer Systems and Applications, AICCSA-2009
Country/TerritoryMorocco
CityRabat
Period5/10/095/13/09

ASJC Scopus subject areas

  • Computational Theory and Mathematics
  • Computer Science Applications
  • Electrical and Electronic Engineering

Fingerprint

Dive into the research topics of 'A game theory based risk and impact analysis method for intrusion defense systems'. Together they form a unique fingerprint.

Cite this