Intrusion response as a resource allocation problem

Michael Bloem, Tansu Alpcan, Tamer Başar

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

We study intrusion response in access control systems as a resource allocation problem, and address it within a decision and control framework. By modeling the interaction between malicious attacker(s) and the intrusion detection system (IDS) as a noncooperative non-zero sum game, we develop an algorithm for optimal allocation of the system administrator's time available for responding to attacks, which is treated as a scarce resource. This algorithm, referred to as the Automatic or Administrator Response (AOAR) algorithm, applies neural network and LP optimization tools. Finally, we implement an IDS prototype in MATLAB based on a game theoretical framework, and demonstrate its operation under various scenarios with and without the AOAR algorithm. Our approach and the theory developed are general and can be applied to a variety of IDSs and computer networks.

Original languageEnglish (US)
Title of host publicationProceedings of the 45th IEEE Conference on Decision and Control 2006, CDC
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages6283-6288
Number of pages6
ISBN (Print)1424401712, 9781424401710
DOIs
StatePublished - Jan 1 2006
Event45th IEEE Conference on Decision and Control 2006, CDC - San Diego, CA, United States
Duration: Dec 13 2006Dec 15 2006

Publication series

NameProceedings of the IEEE Conference on Decision and Control
ISSN (Print)0191-2216

Other

Other45th IEEE Conference on Decision and Control 2006, CDC
Country/TerritoryUnited States
CitySan Diego, CA
Period12/13/0612/15/06

ASJC Scopus subject areas

  • Control and Systems Engineering
  • Modeling and Simulation
  • Control and Optimization

Fingerprint

Dive into the research topics of 'Intrusion response as a resource allocation problem'. Together they form a unique fingerprint.

Cite this