RRE: A game-theoretic intrusion Response and Recovery Engine

Zonouz, Saman; Khurana, Himanshu; Sanders, William H.; Yardley, Timothy

doi:10.1109/dsn.2009.5270307

Cited by 93 publications

(55 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this case intrusion response systems (IRS) are necessary because intrusion prevention systems are unfeasible [17,18]. In previous work [19] game play method of finding the intruder were proposed based on the response and recovery method. The problem in that existing work is if the real header is misplayed the game in wrong method means the entire client under the network cannot access the data, so they can suffer the access of data, so it will be the great drawback from the existing work and study the various work from [20].…”

Section: Problem Definitionmentioning

confidence: 99%

Optimal Game Theory for Network Security using IPDRS Engine

P¹,

Nadu²

2015

International Journal of Advanced Research in Computer and Comm

View full text Add to dashboard Cite

Abstract:With the tremendous growth of network technology, network attackers are also rationally increased to disrupt the activities and hacking the data from the network users by the intruder. To provide the security from the intruder is most important one. Many researchers were proposed a different approach for providing security they does not tackle the problem, it leads an untruthful in the network. In existing system they propose a game based intrusion request and response process by game play of header node to access the data by their correct play, from this if the real header play it in wrong method means all the client user under the header also suffer from the access of the data. To tackle this issue we enhanced the game theory based on the individual play in the network to avoid the suffering of misplayed game played by the header using the IPDRS Engine.

show abstract

Section: Problem Definitionmentioning

confidence: 99%

Optimal Game Theory for Network Security using IPDRS Engine

P¹,

Nadu²

2015

International Journal of Advanced Research in Computer and Comm

View full text Add to dashboard Cite

show abstract

“…Stochastic models (e.g. [32]) are used to analyse small-scale networks, while deterministic models are mainly used to analyse large-scale networks [1]. Our work focuses on malware spread in a large computer network, thus we utilise deterministic models.…”

Section: Related Workmentioning

confidence: 99%

A Game Theoretical Method for Cost-Benefit Analysis of Malware Dissemination Prevention

Spyridopoulos

Maraslis

Mylonas

et al. 2015

Information Security Journal: A Global Perspective

View full text Add to dashboard Cite

A game theoretical method for cost-benefit analysis of malware dissemination prevention. Information Security Journal: A Global Perspective, 24 (4-6). pp. 164-176. ISSN 1939-3555 Disclaimer UWE has obtained warranties from all depositors as to their title in the material deposited and as to their right to deposit such material. UWE makes no representation or warranties of commercial utility, title, or fitness for a particular purpose or any other warranty, express or implied in respect of any material deposited.UWE makes no representation that the use of the materials will not infringe any patent, copyright, trademark or other property or proprietary rights.UWE accepts no liability for any infringement of intellectual property rights in any material deposited but will remove such material from public view pending investigation in the event of an allegation of any such infringement. Abstract Literature in malware proliferation focuses on modelling and analysing its spread dynamics. Epidemiology models, which are inspired by the characteristics of biological disease spread in human populations, have been used in the past against this threat to analyse the way malware spreads in a network. This work presents a modified version of the commonly used epidemiology models SIR and SIS, which incorporates the ability to capture the relationships between nodes within a network, along with their effect on malware dissemination process. Drawing upon a model that illustrates the network's behaviour based on the attacker's and the defender's choices, we use game theory to compute optimal strategies for the defender to minimise the effect of malware spread, minimising at the same time the security cost. We consider three defence mechanisms, "patch", "removal", and "patch and removal", which correspond to the defender's strategy, used probabilistically with a certain rate. The attacker chooses the type of attack according to its effectiveness and cost. Through the interaction between the two opponents we infer the optimal strategy for both players, known as Nash Equilibrium, evaluating the related payoffs. Hence, our model provides a cost-benefit risk management framework for managing malware spread in computer networks. PLEASE SCROLL DOWN FOR TEXT. A Game Theoretical Method for Cost-Benefit Analysis of Malware Dissemination Prevention

show abstract

“…The action can be triggered manually or via automated signaling from the initial intrusion alert. Saman et al [11] has proposed a new technique based on the intrusion detection and response scenario, which they named response and recovery engine (RRE). Their model uses a game theoretic response strategy based on two-player Stackelberg stochastic games.…”

Section: Related Workmentioning

confidence: 99%

Adaptive Hybrid Model for Network Intrusion Detection and Comparison among Machine Learning Algorithms

Haque¹,

Al-Kharobi²

2015

IJMLC

View full text Add to dashboard Cite

Abstract-In this paper, we propose a novel method using ensemble learning scheme for classifying network intrusion detection from the most renowned KDD cup dataset. We have shown that reducing the dimensionality of the large dataset provides most accurate detection. Additionally, several machine learning algorithms are used to generate the accuracy metrics and analyzed further for proper comparison. Our approach found out that this algorithm outperforms all other learning techniques. Our goal is to analyze the network intrusion data and find out the best components and use them for the attack analysis. This scheme can be used in parallel with the intrusion detection system to augment its prediction performance for the future data packets. Empirical results show that the input dimensionality reduction can provide lightweight intrusion detection system that can be embedded with the vulnerable system for generating correct classification with significance improvement in execution time.

show abstract

RRE: A game-theoretic intrusion Response and Recovery Engine

Cited by 93 publications

References 14 publications

Optimal Game Theory for Network Security using IPDRS Engine

Optimal Game Theory for Network Security using IPDRS Engine

A Game Theoretical Method for Cost-Benefit Analysis of Malware Dissemination Prevention

Adaptive Hybrid Model for Network Intrusion Detection and Comparison among Machine Learning Algorithms

Contact Info

Product

Resources

About