TY - GEN
T1 - Malware filtering for network security using weighted optimality measures
AU - Bloem, Michael
AU - Alpcan, Tansu
AU - Schmidt, Stephan
AU - Başar, Tamer
PY - 2007
Y1 - 2007
N2 - We study the deployment and configuration of the next generation of network traffic filters within a quantitative framework. Graph-theoretic and optimization methods are utilized to find optimal network traffic filtering strategies that achieve various security or cost objectives subject to hardware or security level constraints. We rely on graph-theoretic concepts such as centrality measures to assess the importance of individual routers within the network, given a traffic pattern. In addition, we consider several possible objectives involving financial costs associated with traffic filtering, the cost of failing to filter traffic, a utility associated with filtering traffic, and combinations of these costs and this utility. These optimization problems are solved taking into account constraints on networkwide filtering capabilities, individual filter capabilities, and also lower and upper bounds on the effective sampling rate for source-destination pairs. Centralized but dynamic solutions of the resulting problems are obtained under varying network traffic flows. The resulting optimal filtering strategies are simulated in MATLAB using real traffic data obtained from the Abilene project. Simulations comparing these strategies with some heuristic approaches demonstrate that they are more effective in achieving network traffic filtering objectives.
AB - We study the deployment and configuration of the next generation of network traffic filters within a quantitative framework. Graph-theoretic and optimization methods are utilized to find optimal network traffic filtering strategies that achieve various security or cost objectives subject to hardware or security level constraints. We rely on graph-theoretic concepts such as centrality measures to assess the importance of individual routers within the network, given a traffic pattern. In addition, we consider several possible objectives involving financial costs associated with traffic filtering, the cost of failing to filter traffic, a utility associated with filtering traffic, and combinations of these costs and this utility. These optimization problems are solved taking into account constraints on networkwide filtering capabilities, individual filter capabilities, and also lower and upper bounds on the effective sampling rate for source-destination pairs. Centralized but dynamic solutions of the resulting problems are obtained under varying network traffic flows. The resulting optimal filtering strategies are simulated in MATLAB using real traffic data obtained from the Abilene project. Simulations comparing these strategies with some heuristic approaches demonstrate that they are more effective in achieving network traffic filtering objectives.
UR - http://www.scopus.com/inward/record.url?scp=43049167460&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=43049167460&partnerID=8YFLogxK
U2 - 10.1109/CCA.2007.4389246
DO - 10.1109/CCA.2007.4389246
M3 - Conference contribution
AN - SCOPUS:43049167460
SN - 1424404436
SN - 9781424404438
T3 - Proceedings of the IEEE International Conference on Control Applications
SP - 295
EP - 300
BT - 16th IEEE International Conference on Control Applications, CCA 2007. Part of IEEE Multi-conference on Systems and Control
T2 - 16th IEEE International Conference on Control Applications, CCA 2007. Part of IEEE Multi-conference on Systems and Control
Y2 - 1 October 2007 through 3 October 2007
ER -