TY - GEN
T1 - Intrusion response as a resource allocation problem
AU - Bloem, Michael
AU - Alpcan, Tansu
AU - Başar, Tamer
PY - 2006
Y1 - 2006
N2 - We study intrusion response in access control systems as a resource allocation problem, and address it within a decision and control framework. By modeling the interaction between malicious attacker(s) and the intrusion detection system (IDS) as a noncooperative non-zero sum game, we develop an algorithm for optimal allocation of the system administrator's time available for responding to attacks, which is treated as a scarce resource. This algorithm, referred to as the Automatic or Administrator Response (AOAR) algorithm, applies neural network and LP optimization tools. Finally, we implement an IDS prototype in MATLAB based on a game theoretical framework, and demonstrate its operation under various scenarios with and without the AOAR algorithm. Our approach and the theory developed are general and can be applied to a variety of IDSs and computer networks.
AB - We study intrusion response in access control systems as a resource allocation problem, and address it within a decision and control framework. By modeling the interaction between malicious attacker(s) and the intrusion detection system (IDS) as a noncooperative non-zero sum game, we develop an algorithm for optimal allocation of the system administrator's time available for responding to attacks, which is treated as a scarce resource. This algorithm, referred to as the Automatic or Administrator Response (AOAR) algorithm, applies neural network and LP optimization tools. Finally, we implement an IDS prototype in MATLAB based on a game theoretical framework, and demonstrate its operation under various scenarios with and without the AOAR algorithm. Our approach and the theory developed are general and can be applied to a variety of IDSs and computer networks.
UR - http://www.scopus.com/inward/record.url?scp=39649111300&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=39649111300&partnerID=8YFLogxK
U2 - 10.1109/cdc.2006.376981
DO - 10.1109/cdc.2006.376981
M3 - Conference contribution
AN - SCOPUS:39649111300
SN - 1424401712
SN - 9781424401710
T3 - Proceedings of the IEEE Conference on Decision and Control
SP - 6283
EP - 6288
BT - Proceedings of the 45th IEEE Conference on Decision and Control 2006, CDC
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 45th IEEE Conference on Decision and Control 2006, CDC
Y2 - 13 December 2006 through 15 December 2006
ER -