Malware filtering for network security using weighted optimality measures

Michael Bloem, Tansu Alpcan, Stephan Schmidt, Tamer Başar

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

We study the deployment and configuration of the next generation of network traffic filters within a quantitative framework. Graph-theoretic and optimization methods are utilized to find optimal network traffic filtering strategies that achieve various security or cost objectives subject to hardware or security level constraints. We rely on graph-theoretic concepts such as centrality measures to assess the importance of individual routers within the network, given a traffic pattern. In addition, we consider several possible objectives involving financial costs associated with traffic filtering, the cost of failing to filter traffic, a utility associated with filtering traffic, and combinations of these costs and this utility. These optimization problems are solved taking into account constraints on networkwide filtering capabilities, individual filter capabilities, and also lower and upper bounds on the effective sampling rate for source-destination pairs. Centralized but dynamic solutions of the resulting problems are obtained under varying network traffic flows. The resulting optimal filtering strategies are simulated in MATLAB using real traffic data obtained from the Abilene project. Simulations comparing these strategies with some heuristic approaches demonstrate that they are more effective in achieving network traffic filtering objectives.

Original languageEnglish (US)
Title of host publication16th IEEE International Conference on Control Applications, CCA 2007. Part of IEEE Multi-conference on Systems and Control
Pages295-300
Number of pages6
DOIs
StatePublished - Dec 1 2007
Event16th IEEE International Conference on Control Applications, CCA 2007. Part of IEEE Multi-conference on Systems and Control - , Singapore
Duration: Oct 1 2007Oct 3 2007

Publication series

NameProceedings of the IEEE International Conference on Control Applications

Other

Other16th IEEE International Conference on Control Applications, CCA 2007. Part of IEEE Multi-conference on Systems and Control
CountrySingapore
Period10/1/0710/3/07

ASJC Scopus subject areas

  • Engineering(all)

Fingerprint Dive into the research topics of 'Malware filtering for network security using weighted optimality measures'. Together they form a unique fingerprint.

Cite this